CCNP TSHOOT Learning Guide/Chapter 4
From Teknologisk videncenter
This article is under development....
Maintaining and troubleshooting Campus Switched Solutions
Contents
- 1 This article is under development....
- 2 Maintaining and troubleshooting Campus Switched Solutions
- 3 VLAN Troubleshooting
- 4 Troubleshooting Spanning Tree
- 5 IP CEF
- 6 Etherchannel operation
- 7 Troubleshooting SVI and Inter-VLAN Routing
- 8 First HOP Routing Protocols
VLAN Troubleshooting
Layer 2 reviewing
ARP
- show mac-addresses
SW1#<input>show mac-address-table</input>
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
<notice>...OUTPUT OMITTED...</notice>
1 001b.0cba.4f99 DYNAMIC Gi0/9
1 001b.2a32.2e99 DYNAMIC Gi0/5
1 0021.5a7c.5549 DYNAMIC Gi0/4
1 00a0.d1e6.60b4 DYNAMIC Gi0/22
41 0014.f273.96c0 DYNAMIC Gi0/7
<notice>...OUTPUT OMITTED...</notice>
41 001b.0cb6.9141 DYNAMIC Gi0/7
41 001b.0cba.4fc1 DYNAMIC Gi0/9
41 001b.2a32.2ec1 DYNAMIC Gi0/5
12 001f.297d.3460 DYNAMIC Gi0/2
20 00a0.c543.035d DYNAMIC Gi0/6
22 0003.47ca.d67c DYNAMIC Gi0/7
22 000c.296c.1120 DYNAMIC Gi0/12
24 0016.769f.ff4e DYNAMIC Gi0/8
28 0013.2085.a1fe DYNAMIC Gi0/9
28 0013.2085.c447 DYNAMIC Gi0/9
<notice>...OUTPUT OMITTED...</notice>Troubleshooting layer 2
- Hardware issues (move cable to good port)
- VLAN configuration.
- Inter-VLAN traffic must be routed
- Trunk configuration
- Same trunkprotocol (DOT1Q,ISL)
- Same Native VLAN
Verifying Layer 2 Forwarding
Often used commands
- show mac-address-table
- show vlan
- show interface trunk
- show interface switchport
- show platform forward interface - Example below
- traceroute mac - Example below
show platform forward interface example
Show how the switch will direct traffic
SW1#<input>show platform forward gigabitEthernet 0/1 vlan 1 0021.5a7c.5549 001b.2a32.2e99</input>
Ingress:
Global Port Number: 1, lpn: 3 Asic Number: 1
Source Vlan Id: Real 1, Mapped 1. L2EncapType 0, L3EncapType 3
Hashes: L2Src 0x00 L2Dst 0x09 L3Src 0x00 L3Dst 0x09
Lookup Key-Used Index-Hit A-Data
Classify 68_0070001B_2A322E99-00_00000021_5A7C5549 00FFC 00000000
InputACL 20_0070001B_2A322E99-00_00000021_5A7C5549 01FF8 01000000
L2LrnMsk FF_03FFFFFF_FFFFFFFF-00_000003FF_00000000
L2Learn 83_00010021_5A7C5549-93_00000401_00000000 01840 00000000
L2FwdMsk FF_03FFFFFF_FFFFFFFF
L2Fwd 83_0001001B_2A322E99 0003E 000000C5
Station Descriptor: F005F001, DestIndex: F005, RewriteIndex: F001
==========================================
Egress: Asic 0, switch 1
Source Vlan Id: Real 1, Mapped 1. L2EncapType 0, L3EncapType 3
portMap 0x4, non-SPAN portMap 0x4
Output Packets:
------------------------------------------
GigabitEthernet0/5 Packet 1
Lookup Key-Used Index-Hit A-Data
OutptACL 30_0070001B_2A322E99-00_00000021_5A7C5549 01FFC 01000000
Port Vlan SrcMac DstMac Cos Dscpv
Gi0/5 0001 0021.5a7c.5549 001b.2a32.2e99traceroute mac
Did not work out all right.
SW1#<input>traceroute mac 001b.0c5d.42c2 0006.5bc5.2dfb</input>
l2trace error response received : 3 from 192.168.4.22
Layer2 path not through SW2 [192.168.4.22].
Layer2 trace aborted.Troubleshooting Spanning Tree
Example
insert figure 4-9 on page 112
- Elect a root bridge
- based in lowest BID
- Select a root port on each switch.
- Elect a designated device/port on each network segment
- Based on lowest cost to Root bridge.
- Ties are broken on BID
- Further ties are broken by lowest port ID
- Based on lowest cost to Root bridge.
- Ports that ended up as neither a root port nor a designated port go into [[Spanning_tree_protocol#STP_Port_States|blocking] state
Analyzing Spanning Tree
show spanning-tree
SW1#<input>show spanning-tree vlan 10</input>
MST01
Spanning tree enabled protocol mstp
Root ID Priority 24577
Address 0019.e751.0880
<notice>This bridge is the root</notice>
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24577 (priority 24576 sys-id-ext 1)
Address 0019.e751.0880
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/1 Desg FWD 20000 128.1 P2p
Gi0/2 Desg FWD 20000 128.2 P2p
Gi0/12 Desg FWD 20000 128.12 P2pAnother example
SW1#<input>show spanning-tree interface gigabitEthernet 0/2 detail</input>
Port 2 (GigabitEthernet0/2) of <notice>MST00</notice> is designated forwarding
Port path cost 20000, Port priority 128, Port Identifier 128.2.
Designated root has priority 32768, address 0014.f273.96c0
Designated bridge has priority 32768, address 0019.e751.0880
Designated port id is 128.2, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 2
Link type is point-to-point by default, Internal
Bpdu filter is enabled internally
BPDU: sent 1530609, received 9
Port 2 (GigabitEthernet0/2) of <notice>MST01</notice> is designated forwarding
Port path cost 20000, Port priority 128, Port Identifier 128.2.
Designated root has priority 24577, address 0019.e751.0880
Designated bridge has priority 24577, address 0019.e751.0880
Designated port id is 128.2, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 2
Link type is point-to-point by default, Internal
Bpdu filter is enabled internally
BPDU: sent 1530609, received 9IP CEF
3560 Switch platform
CEF
- show ip cef 0.0.0.0 0.0.0.0 internal
SW1#<input>show cef fib</input>
119 allocated IPv4 entries, 0 failed allocationsSW1#<input>show ip cef switching statistics</input>
Reason Drop Punt Punt2Host
RP RIB Packet destined for us 0 1412459 0
RP RIB Total 0 1412459 0
RP LES No adjacency 6399 0 100446
RP LES TTL expired 0 0 36
RP LES Total 6399 0 100482
All Total 6399 1412459 100482SW1#<input>show ip cef vrf * summary</input>
IPv4 CEF is enabled for distributed and running
VRF Default:
130 prefixes (130/0 fwd/non-fwd)
Default network 0.0.0.0/0
Table id 0, 0 resets
Database epoch: 1 (130 entries at this epoch)Heimdal#<input>sh ip cef</input>
Prefix Next Hop Interface
0.0.0.0/0 172.16.4.1
0.0.0.0/32 receive
172.16.4.0/24 attached Vlan1
172.16.4.0/32 receive
172.16.4.1/32 attached Vlan1
172.16.4.5/32 attached Vlan1
172.16.4.15/32 attached Vlan1
172.16.4.16/32 attached Vlan1
172.16.4.20/32 receive
172.16.4.22/32 attached Vlan1
172.16.4.233/32 attached Vlan1
172.16.4.254/32 attached Vlan1
172.16.4.255/32 receive
192.168.22.0/24 172.16.4.16
192.168.128.0/24 attached Vlan10
192.168.128.0/32 receive
192.168.128.1/32 receive
192.168.128.255/32 receive
192.168.130.0/24 attached Vlan12
192.168.130.0/32 receive
192.168.130.1/32 receive
192.168.130.126/32 attached Vlan12
192.168.138.149/32 attached Vlan20
192.168.138.255/32 receive
192.168.140.0/24 attached Vlan22
<notice>...OUTPUT OMITTED...</notice>Adjacency table
SW1#<input>show adjacency</input>
Protocol Interface Address
IP Vlan1 172.16.4.5(7)
IP Vlan1 stella.tekkom.dk(7)
IP Vlan1 mars(9)
IP Vlan1 172.16.4.50(9)
IP Vlan1 172.16.4.60(9)
IP Vlan1 172.16.4.66(7)
IP Vlan12 192.168.130.126(7)
IP Vlan12 hot-pc-gf.tekkom.local(7)
IP Vlan28 192.168.146.145(7)
IP Vlan28 192.168.146.146(7)
IP Vlan28 192.168.146.149(7)
IP Vlan28 192.168.146.150(7)
IP Vlan28 192.168.146.151(7)Looking at details
SW1#<input>show adjacency 172.16.4.16 detail</input>
Protocol Interface Address
IP Vlan1 mars(9)
0 packets, 0 bytes
epoch 0
sourced in sev-epoch 4874
Encap length 14
<notice>0007E9400ABF</notice>0019E75108C00800
ARP
SW1#<input>sh arp | inc 172.16.4.16</input>
Internet 172.16.4.16 1 <notice>0007.e940.0abf</notice> ARPA Vlan1Notes
If you enable CEF and then create an access list that uses the log keyword, the packets that match the access list are not CEF switched. They are fast switched. Logging disables CEF.
http://www.cisco.com/en/US/docs/ios/12_2/switch/configuration/guide/xcfcef.html
Links
- See [1]
Etherchannel operation
- See EtherChannel
Common Etherchannel problems
Inconsistensies between the physical ports that are member of a channel
- Must have same speed, duplex, trunk or access port status.
- Same native VLAN when trunking
- Same access VLAN when access port
Log message
%EC-5-CANNOT_BUNDLE2
Inconsistensies between the ports on the opposite sides of the EtherChannel link
If the switch on the other side is not configured to a etherchannel by discovering inconsistencies in the spanning tree.
Log message
%SPANTREE-2-CHNL_MISCFG
Uneven distribution of traffic between EtherChannel bundle members
See EtherChannel#Distributing_traffic_in_the_EtherChannel
Show commands
- show etherchannel summary
- show etherchannel 1 detail
Troubleshooting SVI and Inter-VLAN Routing
First HOP Routing Protocols
Verifying FHRP Operation
HSRP
- See HSRP
- show standby brief
- show standby fa0/0
- debug standby terse
VRRP
- See VRRP
- show vrrp brief
GLBP
- See GLBP
- show glbp brief