Thursday, 23 January 2014

Newbie connecting DELL 6248 stack to CISCO 3750 stack

I need to extend the office LAN by connecting an existing CISCO 3750 stack to a new DELL 6248 stack.

I intend to use the fibre/combo port in the DELL 6248 to connect to the CISCO uplink port.

I want to use DELL port 48 but I saw there were 1/g48 and 1/xg48. From memory, they are mutually exclusive.

Q1. Does it mean I will just configure 1/g48 and not bother going into the config of 1/xg48?

Q2. To connect the 2 stacks together, should I just define both connecting ports as trunk ports? I have no experience in doing that. FYI, we are using VLANs in the CISCO stacks already and so the new DELL stacks need to know about them.

I was able to connect the 2 stacks together, but I am not sure if what I did was correct.

On the existing CISCO stack, I have been using VLAN 1 as the data (untagged) and VLAN 100 as voice (tagged).
On the new DELL stack, I defined 1/g48 (fibre port) as access port and VLAN 100 as the default untagged VLAN.
On the existing CISCO stack, I leave the Gigabit 1/0/4 port to its default which happens to be access mode with 1 as the default VLAN.
I thought what I did was incorrect, but I gave it a go anyway and I was able to plug a PC into the DELL stack and do the normal "data" stuff without any problems.

Q1. So, does it mean that even if the VLAN numbers do not match on the connecting ports, it does not really matter?
Is this correct?

a) On the DELL stack, I configured the 1st fibre port as below:
#show interfaces switchport ethernet 1/g48

Port: 1/g48
VLAN Membership mode:Access Mode

Operating parameters:
PVID: 100
Ingress Filtering: Enabled
Acceptable Frame Type: Untagged
Default Priority: 0
GVRP status:Disabled
Protected:Disabled

Port 1/g48 is member in:

VLAN    Name                              Egress rule   Type
----    --------------------------------- -----------   --------
100     Data                              Untagged      Static

Static configuration:
PVID: 100
Ingress Filtering: Enabled
Acceptable Frame Type: Untagged

Port 1/g48 is statically configured to:

VLAN    Name                              Egress rule
----    --------------------------------- -----------
100     Data                              Untagged

Forbidden VLANS:
VLAN    Name
----    ---------------------------------

b) On the CISCO stack, I configured the fibre port as below:

Name: Gi1/0/4
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Appliance trust: none
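The question of whether the mismatched VLAN numbers matter can be answered from the two outputs above. The following Python is an added example (not from the post): it parses both `show interfaces switchport` reports and states what the link actually does; the extra Cisco trunk output is constructed to show the matching case.

```python
import re

# Constructed sample inputs, copied from the two "show interfaces switchport"
# outputs quoted above: the Dell 6248 side (1/g48) and the Cisco 3750 side (Gi1/0/4).
DELL_ACCESS = """\
Port: 1/g48
VLAN Membership mode:Access Mode

Operating parameters:
PVID: 100
Ingress Filtering: Enabled
Acceptable Frame Type: Untagged
"""

CISCO_ACCESS = """\
Name: Gi1/0/4
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
"""

# Constructed (hypothetical, not from the post): what the Cisco side would
# report if Gi1/0/4 were a trunk whose native VLAN matched the Dell PVID.
CISCO_TRUNK = """\
Name: Gi1/0/4
Administrative Mode: trunk
Operational Mode: trunk
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 100
"""


def _field(pattern, text):
    """Return the first capture group of `pattern`, searched line by line."""
    m = re.search(pattern, text, re.MULTILINE)
    if m is None:
        raise ValueError(f"field not found: {pattern}")
    return m.group(1).strip()


def parse_dell(text):
    """Return (carries_tags, untagged_vlan) for a PowerConnect port.

    Access mode carries one untagged VLAN; General and Trunk modes can carry
    802.1Q tags. The PVID is the VLAN an untagged ingress frame is assigned to.
    """
    mode = _field(r"^VLAN Membership mode:\s*(.+)$", text)
    carries_tags = mode.lower().startswith(("general", "trunk"))
    pvid = int(_field(r"^PVID:\s*(\d+)", text))
    return carries_tags, pvid


def parse_cisco(text):
    """Return (carries_tags, untagged_vlan) for a Catalyst port.

    In access mode the untagged VLAN is the access VLAN; on a trunk it is the
    native VLAN, because 802.1Q trunks send native-VLAN frames untagged.
    """
    mode = _field(r"^Operational Mode:\s*(.+)$", text)
    carries_tags = mode.lower().startswith("trunk")
    if carries_tags:
        vlan = int(_field(r"^Trunking Native Mode VLAN:\s*(\d+)", text))
    else:
        vlan = int(_field(r"^Access Mode VLAN:\s*(\d+)", text))
    return carries_tags, vlan


def check_link(dell_text, cisco_text):
    """Compare both ends of one inter-switch link and return a list of findings."""
    d_tags, d_vlan = parse_dell(dell_text)
    c_tags, c_vlan = parse_cisco(cisco_text)
    findings = []
    if d_tags != c_tags:
        findings.append("mode mismatch: one end tags VLANs and the other is an access "
                        "port, so tagged frames are dropped or mis-assigned")
    if d_vlan != c_vlan:
        # Untagged frames leave one side in its VLAN and are placed into the
        # other side's untagged VLAN: the two VLANs become one broadcast domain.
        findings.append(f"untagged VLAN mismatch: Dell VLAN {d_vlan} is bridged into "
                        f"Cisco VLAN {c_vlan}; the two VLANs silently become one")
    if not d_tags and not c_tags:
        findings.append("both ends are access ports: only one VLAN crosses the link, "
                        "so the tagged voice VLAN cannot reach the other stack")
    return findings
```

Run against the outputs from the post, `check_link(DELL_ACCESS, CISCO_ACCESS)` explains why the PC "just worked": Dell VLAN 100 and Cisco VLAN 1 are bridged into one data domain, while nothing tagged (the voice VLAN) crosses.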

Cisco 3750 =>blocking dhcp trafic on an interface

At work I've got a cisco 3750 switch and a few end devices which of course are company proprietary, connected to this switch in a separate VLAN. Now these end devices generate dhcp "request" traffic which is being propagated across all the sites where these devices are connected.
Now I've been reading stuff about dhcp snooping features which is great, but in this instance these end devices don't have a DHCP server. In this scenario all these end devices have got static ip addresses allocated.
Also my senior engineer, being very narrow minded, wants me to implement this change only on the interface level and not on the configuration level.
Can someone please confirm if I can just enable "ip dhcp snooping trust" on the interface level, which I believe will stop the dhcp traffic?

I'd only enable "ip dhcp snooping Vlan 10" in the global config.

So after enabling "ip dhcp snooping Vlan 10" in the global config, the switch will only stop DHCP traffic, correct?


I am a little pedantic since I've never performed this setting on a cisco switch before and would really appreciate input from experienced people!

Tuesday, 21 January 2014

Configuring SNMPv3 for Cisco 3560X

I am using OpManager ver 9101.
I recently installed a Cisco 3560X switch and wanted to test using SNMPv3 to manage the switch.

The following are the commands used on Cisco 3560X:-

snmp-server group OpMgrGrp v3 priv
snmp-server user OpMgrUser OpMgrGrp v3 auth sha ABC priv aes 128 DEF
snmp-server context opmanager

I created the credentials using OpMgrUser with SHA ABC and AES DEF, and context opmanager in OpManager.
Then I tried to add the device, but it kept trying until timeout and failed to add the device.

If I use the following command, then OpManager adds the device successfully.

snmp-server community public RO 99

Which context name should I put in OpManager credential?


If you have followed the KB, you can leave it blank.

Cisco Catalyst 3750 PoE Issue

We have a 3-switch stack (1x 3750 48-port with no PoE on top, and 2x 3750 48-port PoE underneath). We have PoE IP phones that are all functioning. I recently acquired 2 Engenius EAP9550s to add as repeaters for an expansion of our office. When I connect the APs (in PoE mode on the switches), the indicator for each AP turns green and the APs power up, briefly.

After about 10 seconds, the indicator LED on the switch turns amber. At this point, almost all of the indicators are amber on this bottom switch; they all changed to amber after I tried the APs in them. We have about 5 PoE phones connected to it (the remainder are on the middle PoE 3750).

The device specs state that each AP runs at about 18W (48 VDC x 375 mA)

I can't imagine that I am hitting my wattage limit per switch with the small number of phones that are connected to that particular switch, but the indicator code seems to imply the switch is denying PoE for these ports due to the 350W limit. I don't see any voltage limits in the spec sheet for the switch so I am at a loss.

So, when the switches are stacked, is there a different limit? Or does each switch have its own individual limit? Do I need a booster? I was under the impression the APs would function fine; we have a separate AP on a different physical network with the identical switch setup and it works just fine. PoE is enabled in the port specifications for every port on all of our PoE switches (it's the default but I double-checked to be sure).

Do you actually need Power over Ethernet for all of the ports that have it active? If not, turn off the extras as you don't need the power drain...

Are these switches connected to a UPS system and is that system throwing any warnings or errors? It could be that you are actually running out of available power with all the ports and switches and such connected in the same place...

Also, how is the power getting into the switches? You're not trying to chain feed it from one to the next right? They each have their own AC adapters correct?

We need the option since the IP phones we have are pass-through switches for our non VoIP traffic - i.e. VLAN 9 - VoIP, VLAN 8 Data, both through the same port and it needs PoE for the phone to power on and provide the passthrough switching.

We have 3 UPSs running at 30% capacity each according to the management consoles, no warnings. That was the first thing I checked, each switch is plugged directly into a PDU and it is all load balanced, no chaining at all.

If there is a non-PoE device (or no device at all) plugged into the PoE switch, does it drain more power than designating the port as non-PoE? I thought the switches automatically determined power requirements.

I figured the same thing regarding the circuit, but there is nothing else plugged in to this particular switch aside from 5 PoE IP phones and the 2 APs.

Switching the positions of the switches would be a task, so I haven't tried it. I picked up 2x Gb PoE boosters for cheap to see if they fix the problem. Thinking about the stack, they are all trunked, but they each have dedicated power supplies so I can't imagine the stack would have a more limited wattage than the sum of the 3 switches. We shall see, thanks for helping me brainstorm!


Monday, 20 January 2014

IOS update for 3560-C

I plan to buy a Catalyst 3560-C for my home lab. I just created a new account on cisco.com (I did not register any equipment or contract for that new account). I was able to download ios 12 and 15 for that switch.
Will I be able to flash one of these versions when I have the new switch?
Cisco warranty for these switches (Enhanced Limited Lifetime Hardware Warranty, www.cisco-servicefinder.com/warrantyfinder.aspx) says NO OS Software Updates included. Does that mean that I can download ios updates but won't be able to flash the device or use it?
- Do I really have to buy Smartnet support to be able to update ios for that switch?

Hello, just to answer some of your points.
- Everybody with a cisco account and without a contract can download universal ios. The universal ios file can't be used without a proper license. So it doesn't matter.
Maybe this is the case; it may just come with a base feature set. IP Base or LAN Base?
- 3560CG comes with an IP Base license and can't be upgraded to IP Services.
It can be upgraded to IP Services. You need the correct image or license, depending on which major version you go with, i.e. 12 or 15.
With 12 you can download the correct firmware with the feature set; with 15 you need a license.
- So I suppose that I will be able to update 3560CG with any universal ios version and "stay" at IP Base level.
Depending on what feature set the universal image has without licenses. I assume it's base.
- Smartnet is required if you need support (TAC) or quick (4, 8 hours) hardware replacement.
Yes, I believe so, although I think the thing you call Smartnet, I call a Cisco service support contract..?
- Smartnet is not required for normal (days) hardware replacement as the warranty is lifetime of the product (except power for 5 years).

This information should all be in the service support contract.

Thursday, 16 January 2014

Cisco 2901 Licensing Confusion

I am trying to figure out Cisco's licensing when it comes to universal images. I have a Cisco 2901 router that I am about to implement but need some clarification. I need to be able to participate in OSPF routing and to use the EHWIC-4ESG (4 port L2) card.

The router I have has the IP Base, SEC and UC packages enabled. Now this should work for OSPF according to what I have read, but I am concerned about L2 ports. According to cisco.com the DATA package includes

Data features found in SP Services and Enterprise Services IOS image on ISR 1800, 2800 and 3800, e.g. MPLS, BFD, RSVP, L2VPN, L2TPv3, Layer 2 Local Switching, Mobile IP, Multicast Authentication, FHRP-GLBP, IP SLAs, PfR, DECnet, RSRB, BIP, DLSw+, FRAS, Token Ring, ISL, IPX, STUN, SNTP, SDLC, QLLC etc.

The part that throws me there is 'Layer 2 Local Switching'. Does that mean I cannot do any switching on the EHWIC unless I have the Data license? This doesn't make sense.


Well, I answered my own question by testing the configuration. It does not appear to impact the switch module. So I am not sure what that is referring to in the Data licensing. Maybe only the 2901 ports?

Wednesday, 15 January 2014

QoS implementation on 3750 switches

I am wanting to test our QoS design behavior in a lab using two 3750 switches that are trunked together, each with a laptop connected to a switch port. I would like to create traffic across the trunk link so that I can observe what traffic is dropped in the queue when congestion occurs. I am having a hard time creating enough traffic on the link to drop packets.

What is the best way to create traffic just for this purpose? Should I change some key configuration parameters (i.e. interface bandwidth) to make it easier to reach a point of congestion with less traffic?


Considering those are Gb ports you probably aren't going to be able to produce enough traffic to congest that testbed with only 2 laptops. Whatever QoS you are trying to test, lower the threshold to something radically low so a single conversation can trip it. However, I'm still not sure you are going to see anything interesting because there isn't any other traffic being produced on the switch.

Tuesday, 14 January 2014

General slowness in the network - Cisco core switches (4506 & 6509) and edge switches (3750)

We have 2 core switches, 4506 & 6509, with 4 cisco 3750 stacks (8 switches per stack) across all 4 floors. We have an etherchannel of 2 * 1 GB ports between the cores. There is general slowness across the network and I can't really see any direct cause of it. We are also getting these alerts on most of our edge switches.
We need to add another stack of cisco 3750 switches for the new 5th floor and I was wondering if our current setup will be able to cope with it.

5d00h: %CMP-CLUSTER_MEMBER_1-5-NBR_UPD_SIZE_TOO_BIG: Number of neighbors in neighbor update is 128, maximum number of neighbors allowed in neighbor update is 10

Error Message: CMP-5-NBR_UPD_SIZE_TOO_BIG: Number of neighbors in neighbor update is [int], maximum number of neighbors allowed in neighbor update is [int].
Note: This message applies to the Catalyst 3750-E and 3560-E switches.
Explanation: The number of cluster neighbors in the clustering neighbor update packet exceeds the number of neighbors supported by the clustering module. The first [int] is the new number of neighbors, and the second [int] the maximum number of neighbors.
Recommended Action: No action is required.
How are the stacks connected to the core switches? Are all switches configured the same, and are they all getting the messages?
Do you have the "cluster enable" command configured? Please post the config of a sample switch that's getting the message.
I have no idea whether the channel is a bottleneck, it depends on how much traffic is running between them. You can also add ports to the channel which is cheaper than moving to 10G and will give you a quick answer on whether that's an issue.
The mask on the server VLAN doesn't matter if the number of devices isn't outrageous.
I do see that some of the switches are not part of the stack config. I don't know if they're gone or just unstacked, but the latter might cause issues.
I would look at spanning tree. Take the time to determine exactly how everything is connected, where the spanning tree root is, and what links are blocked. Draw out an accurate topology and then mark up where blocking occurs, then post here if you like. It could be that a poor spanning tree design is causing problems.
Regarding the messages, my understanding is that you can safely remove the "cluster enable" command from your switches, and that is what is causing the messages. Here is the Cisco info about this command:
Use the cluster enable global configuration command on a command-capable switch to enable it as the cluster command switch, assign a cluster name, and to optionally assign a member number to it. Use the no form of the command to remove all members and to make the cluster command switch a candidate switch.

cluster enable name [command-switch-member-number]
no cluster enable

Syntax Description
name: Name of the cluster, up to 31 characters. Valid characters include only alphanumerics, dashes, and underscores.
command-switch-member-number: (Optional) Assign a member number to the cluster command switch of the cluster. The range is 0 to 15.

Defaults
The switch is not a cluster command switch.
No cluster name is defined.
The member number is 0 when the switch is the cluster command switch.

Command Modes
Global configuration

Command History
Release 12.1(11)AX: This command was introduced.

Usage Guidelines
Enter this command on any command-capable switch that is not part of any cluster. This command fails if a device is already configured as a member of the cluster.
You must name the cluster when you enable the cluster command switch. If the switch is already configured as the cluster command switch, this command changes the cluster name if it is different from the previous cluster name.

Examples
This example shows how to enable the cluster command switch, name the cluster, and set the cluster command switch member number to 4.

Switch(config)# cluster enable Engineering-IDF4 4

Monday, 13 January 2014

Cisco stacked 3750 switch

I have a stacked Cisco 3750 switch, two of them in this stack. They have dual power to a Cisco 2200 redundant power unit. It appears (according to TAC) that the on board power unit on the second switch in the stack has failed, and the 2200 is what is keeping it up and running. They told me the onboard power supply is not hotswappable, and the second switch in the stack must be replaced.

What is the best way to do this? Do I shut down both switches, swap out the second switch, plug cables back in and power up? Do I just shut down the second switch with the failed power supply, pop in the new one, plug in cables and power up? The cfg is on the first switch in the stack, correct? Is there anything I need to pull off of the second switch?


^ Second that. If the firmware levels do not match, you may end up with a brick. The master may attempt replacing firmware. If it is writing old over new...brick. If it is writing new over old, but stalls/fails...brick.

Better to do the firmware upgrade offline, while the existing stack units are still functioning.

In general, watch cable position. Label them accordingly before disconnecting. When you unplug them, all ports may not be equal.

For instance, did you have one forced to 10Mb duplex, or aggregated with other ports?

When replacing, I was able to move the downed switch 2u down, and mount the replacement.  Then I could move the patch cables over one-by-one.


YMMV. But it made it easy that I could replicate the cable layout and not have to change any notes or documentation.

Sunday, 12 January 2014

Cisco 2801 Router w/ 2 HWIC-4ESW cards: config help needed

Here is the scenario. I have a T-1 connection and a cable high-speed internet connection, and a Cisco 2801 Router with 2 HWIC-4ESW cards.

The T-1 is on Fa0/1. The IP block for this is 1.1.1.2 - 1.1.1.19.

The cable internet is on Fa0/0. The IP block for this is 2.2.2.2 - 2.2.2.19.

I would like any traffic coming through switch card 1 (Fa0/1/0) to go through the cable line, Fa0/0.

I would like any traffic coming through switch card 3 (Fa0/3/0) to go through the T-1, Fa0/1.

I am fairly new at this and am having trouble following the Cisco guides. I have successfully assigned my WAN IPs to Fa0/0 and Fa0/1 but am having problems routing the traffic from the switch cards to the correct Fa port.

Ok. First of all, the edge router (2801) needs to know a way of routing internal clients onto 2 different outgoing paths.

So let's say the traffic coming in on Fa0/1/0 is all from the 10.0.0.0 network, and

the traffic coming in on Fa0/3/0 is all from the 20.0.0.0 network. That means the router can differentiate the IP addresses, so you can employ an access-list to match the traffic and let it go via the interface you want, like:

access-list <number> permit ip 10.0.0.0 0.255.255.255 any

and set it to go out using one link using route maps.

Thursday, 9 January 2014

Connecting 2x stacked Cisco 3750 to 1x Cisco 2950

We have 2x Cisco 3750 switches that have been partitioned into various VLANs. These switches are stacked, and the VLAN partitioning is symmetrical on both switches - that is, ports x-y on switch 1 are in the same VLAN as the corresponding ports x-y in switch 2. This enables us to have redundancy with the networking of our servers as NIC1 of each machine is plugged into switch 1 and NIC2 is plugged into switch 2. Fairly standard stuff, I'd imagine...

We have some devices (management NICs etc) that need to be in a particular VLAN (our management VLAN in this case). As these are inherently "single NIC" connections, and also because they are not used day-in-day-out (just on the odd occasion when we need to remotely manage the servers), it makes sense to connect these to another, cheaper, slower switch (enter the 2950) - so they don't use up valuable gigabit ports on the 3750s.

We don't want to lose the redundancy, however - even though these aren't connections that will be used frequently, we still want them to be as available as possible.

I'd like to be able to connect the 1x 2950 to BOTH of the 3750s in such a way that devices in the 2950 would be still available on the network if either of 3750s lost power.

My thinking is having a crossover cable from a port in the management VLAN on each 3750 attached to a port in the 2950, and configured to be trunked or aggregated in some way (I'd imagine there'd need to be special config to prevent routing loops). I have attached an image of what I imagine this setup would look like.

Please could someone let me know if this is possible, and if it is, also provide the relevant config required for each switch (only pertinent sections - port channels, interfaces).

If they're in the same subnet, they're in the same VLAN. So there's no need for a trunk.


You can connect the switches and let spanning-tree deal with the redundant link or do as Arnie says and channel the links. Since it's a low-use situation, there's not much difference as far as functionality goes.

Clone Cisco 3560 / 3750

I have a Catalyst 3560/3750 switch which needs a complete reconfigure as we are moving to new IP ranges.

Is there an easy way to pre-configure a config and then upload it, reboot and have the switch configured?

I thought I could do a "copy tftp start", but it didn't work. I thought it might be the vlan.dat file, but that's not it either, as even the HOSTNAME doesn't change when I try.

What if I wanted to blow out the same config to 100 switches?

Generally you would copy off the existing config. I am guessing here that name/ip change, but other config stays the same.

copy run tftp (to another switch/router/computer)

edit the config script by updating ip/hostname/port descriptions/whatever

copy tftp run (from updated script to switch)

<<test>>

copy run start  <<or>> write mem



The same procedure will work for many switches, but you will want them to have a unique IP and name. You could build a config with no hostname or IP assigned, load each switch and do just the hostname and IP in the initial setup screens, then copy on the rest of the config using copy tftp start followed by a power cycle.
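One way to produce the per-switch files for the copy-off / edit / copy-back loop described above, when the same config must go to many switches, is to render a base config from placeholders. This Python is an added example, not from the post: the base config, the inventory and the management subnet are constructed, and duplicate hostnames or management IPs are rejected before anything is pushed.

```python
import ipaddress
import re

# Constructed base configuration (not from the post): the switch-specific
# fields are left as {{placeholders}} so one file serves every switch.
BASE_CONFIG = """\
hostname {{hostname}}
!
interface Vlan1
 ip address {{mgmt_ip}} {{mask}}
 no shutdown
!
ip default-gateway {{gateway}}
!
end
"""

# Constructed inventory: hostname and management address for each switch.
INVENTORY = [
    {"hostname": "IDF1-SW01", "mgmt_ip": "192.0.2.11"},
    {"hostname": "IDF1-SW02", "mgmt_ip": "192.0.2.12"},
]

# Constructed management subnet; the gateway is assumed to be its first host.
MGMT_NET = ipaddress.ip_network("192.0.2.0/24")

PLACEHOLDER = re.compile(r"\{\{(\w+)\}\}")


def render(base, entry, net):
    """Fill every placeholder in `base` for one switch; fail on unknown keys."""
    values = dict(entry)
    values["mask"] = str(net.netmask)
    values["gateway"] = str(net.network_address + 1)

    def substitute(match):
        key = match.group(1)
        if key not in values:
            # Refuse to emit a config with a literal "{{...}}" left in it.
            raise KeyError("no value for placeholder " + match.group(0))
        return values[key]

    return PLACEHOLDER.sub(substitute, base)


def build_all(base, inventory, net):
    """Render one config per switch, returning {hostname: config_text}.

    Duplicate hostnames, duplicate IPs, or an IP outside the management
    subnet raise ValueError before any file is produced.
    """
    seen_names, seen_ips = set(), set()
    configs = {}
    for entry in inventory:
        name = entry["hostname"]
        ip = ipaddress.ip_address(entry["mgmt_ip"])
        if name in seen_names:
            raise ValueError(f"duplicate hostname {name}")
        if ip in seen_ips:
            raise ValueError(f"duplicate management IP {ip}")
        if ip not in net:
            raise ValueError(f"{ip} is outside {net}")
        seen_names.add(name)
        seen_ips.add(ip)
        configs[name] = render(base, entry, net)
    return configs


if __name__ == "__main__":
    # Each rendered text is what "copy tftp run" / "copy tftp start" would load.
    for name, text in build_all(BASE_CONFIG, INVENTORY, MGMT_NET).items():
        print(f"=== {name}.cfg ===")
        print(text)
```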

Tuesday, 7 January 2014

My PC cannot access FQDNs through Cisco 1841 HWIC 3G Gateway

I have set up a Cisco 1841 with the HWIC 3G card as a gateway. I have one PC on the LAN side and can ping outside public IPs with no issues. However, when I try to ping or connect via HTTP to a domain name, it won't resolve the IP address. The router config and interface status are below:

Router#sh ip int b
Any interface listed with OK? value "NO" does not have a valid configuration

Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            172.16.1.1      YES manual up                    up
FastEthernet0/1            unassigned      YES unset  administratively down down
Cellular0/0/0              unassigned      YES manual up                    up
NVI0                       unassigned      NO  unset  up                    up
SSLVPN-VIF0                unassigned      NO  unset  up                    up
Dialer1                    10.97.206.87    YES IPCP   up                    up
Router#

Router#sh run
Building configuration...

Current configuration : 1801 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
dot11 syslog
ip source-route
!
!
!
ip dhcp pool ciscolab
   network 172.16.1.0 255.255.255.0
   dns-server 208.67.222.222
   domain-name ciscolab
   default-router 172.16.1.1
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
chat-script gsm "" "ATDT*98*2#" TIMEOUT 60 "CONNECT

archive
 log config
  hidekeys

interface FastEthernet0/0
 ip address 172.16.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Cellular0/0/0
 no ip address
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 load-interval 60
 dialer in-band
 dialer pool-member 1
 dialer-group 1
 async mode interactive
 no fair-queue
!
interface Dialer1
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer string internet
 dialer persistent
 dialer-group 1
 no fair-queue
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname cisco
 ppp chap password 0 cisco
 ppp ipcp dns request
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
!
ip nat inside source list 2 interface Dialer1 overload
!
access-list 2 permit any
dialer-list 1 protocol ip permit
!
control-plane
!
line con 0
line aux 0
line 0/0/0
 exec-timeout 0 0
 script dialer gsm
 login
 modem InOut
 no exec
 rxspeed 3600000
 txspeed 384000
line vty 0 4
 exec-timeout 0 0
 password cisco
 login
!
scheduler allocate 20000 1000
end

Router#
Do an ipconfig /all on the PC to ensure it is being issued the DNS server address via DHCP on the router.

After you have verified this, if the DNS server IP is present and correct:
Conduct an 'nslookup' from the command line.
Check the server listed is correct, else type 'server 208.67.222.222'.
Then type 'www.google.com.au' and see if it resolves in nslookup.


Let me know the results of the above. Thanks

Monday, 6 January 2014

Policy Based Routing in 3750 Switch

The scenario is as follows:

a) A 3750 switch, which has 2 VLANs, one is the DATA VLAN and the other VLAN is the Voice VLAN.

b) In the switch, the DATA VLAN gateway is a router and the Voice VLAN has a voice gateway connected.

c) The same switch has two gateways, which in turn are connected to the Internet.

Queries:

a) How to configure routing for DATA and Voice for getting internet?

b) Does PBR help to pair each VLAN's traffic with the respective gateway?

c) Will it work, or any suggestions?

d) Please send the reference configuration.

You can just set up normal default routing for the data vlan, and just set up PBR for the voice traffic.

So you will just create an access-list to match vlan traffic and then create a route map to set the next hop to the voice gateway.
Forget about PBR, you don't need that. The switch has its default gateway in the data VLAN so you can access it and manage it, the default gateway points to the router IP address. All PC have their default gateway pointing to the router IP address, not to any address on the switch.

All phones have their default gateway on the IP address of the voice gateway, not on any IP address of the switch. The switch does not even need an IP address in the voice VLAN. It only transports ethernet frames in the two VLANs. For that matter just have a config with two VLANs, assign the VLANs to the corresponding ports and, in case you use phones and PCs on the same ports, use the voice vlan commands.

I hope I have understood your situation correctly. Otherwise let me know.

I agree. If he is in fact just using the 3750 as a layer 2 switch then he doesn't need PBR. My assumption is that he is (I would hope) using the 3750 as Layer 3 and has an SVI for each vlan. Thus, he would need PBR in that case.

I don't know why everybody is so keen about using PBR. I agree it is a nice feature but in my opinion it is designed for situations that you have no other way of bringing them into service.

IP is still a destination based protocol and so all optimizations in terms of forwarding performance are based on the destination address as criterion. After switching on PBR everybody asks immediately "why is it slower than what I am used to?". I have seen this in many situations.


For normal situations like one voice and one data VLAN a normal network design should be sufficient and therefore no need for PBR.