CCNP TSHOOT Learning Guide/Chapter 4

From Teknologisk videncenter
< CCNP TSHOOT Learning Guide
Revision as of 14:08, 15 June 2010 by Heth (talk | contribs) (Etherchannel operation)
Jump to: navigation, search

Kate.png This article is under development....

Maintaining and troubleshooting Campus Switched Solutions

VLAN Troubleshooting

Layer 2 reviewing

ARP

  • show mac-addresses
SW1#<input>show mac-address-table</input>
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 All    0100.0ccc.cccc    STATIC      CPU
 All    0100.0ccc.cccd    STATIC      CPU
<notice>...OUTPUT OMITTED...</notice>
   1    001b.0cba.4f99    DYNAMIC     Gi0/9
   1    001b.2a32.2e99    DYNAMIC     Gi0/5
   1    0021.5a7c.5549    DYNAMIC     Gi0/4
   1    00a0.d1e6.60b4    DYNAMIC     Gi0/22
  41    0014.f273.96c0    DYNAMIC     Gi0/7
<notice>...OUTPUT OMITTED...</notice>
  41    001b.0cb6.9141    DYNAMIC     Gi0/7
  41    001b.0cba.4fc1    DYNAMIC     Gi0/9
  41    001b.2a32.2ec1    DYNAMIC     Gi0/5
  12    001f.297d.3460    DYNAMIC     Gi0/2
  20    00a0.c543.035d    DYNAMIC     Gi0/6
  22    0003.47ca.d67c    DYNAMIC     Gi0/7
  22    000c.296c.1120    DYNAMIC     Gi0/12
  24    0016.769f.ff4e    DYNAMIC     Gi0/8
  28    0013.2085.a1fe    DYNAMIC     Gi0/9
  28    0013.2085.c447    DYNAMIC     Gi0/9
<notice>...OUTPUT OMITTED...</notice>

Troubleshooting layer 2

  • Hardware issues (move cable to good port)
  • VLAN configuration.
    • Inter-VLAN traffic must be routed
  • Trunk configuration
    • Same trunkprotocol (DOT1Q,ISL)
    • Same Native VLAN

Verifying Layer 2 Forwarding

Often used commands

  • show mac-address-table
  • show vlan
  • show interface trunk
  • show interface switchport
  • show platform forward interface - Example below
  • traceroute mac - Example below

show platform forward interface example

Show how the switch will direct traffic

SW1#<input>show platform forward gigabitEthernet 0/1 vlan 1 0021.5a7c.5549 001b.2a32.2e99</input>
Ingress:
Global Port Number: 1, lpn: 3 Asic Number: 1
Source Vlan Id: Real 1, Mapped 1. L2EncapType 0, L3EncapType 3
Hashes: L2Src 0x00 L2Dst 0x09 L3Src 0x00 L3Dst 0x09
 Lookup                   Key-Used                  Index-Hit    A-Data
Classify 68_0070001B_2A322E99-00_00000021_5A7C5549     00FFC   00000000
InputACL 20_0070001B_2A322E99-00_00000021_5A7C5549     01FF8   01000000
L2LrnMsk FF_03FFFFFF_FFFFFFFF-00_000003FF_00000000
L2Learn  83_00010021_5A7C5549-93_00000401_00000000     01840   00000000
L2FwdMsk FF_03FFFFFF_FFFFFFFF
L2Fwd    83_0001001B_2A322E99                          0003E   000000C5
Station Descriptor: F005F001, DestIndex: F005, RewriteIndex: F001
==========================================
Egress: Asic 0, switch 1
Source Vlan Id: Real 1, Mapped 1. L2EncapType 0, L3EncapType 3
portMap 0x4, non-SPAN portMap 0x4

Output Packets:
------------------------------------------
GigabitEthernet0/5 Packet 1
 Lookup                   Key-Used                  Index-Hit    A-Data
OutptACL 30_0070001B_2A322E99-00_00000021_5A7C5549     01FFC   01000000

Port       Vlan      SrcMac          DstMac    Cos  Dscpv
Gi0/5      0001 0021.5a7c.5549  001b.2a32.2e99

traceroute mac

Did not work out all right.

SW1#<input>traceroute mac 001b.0c5d.42c2 0006.5bc5.2dfb</input>
l2trace error response received : 3 from 192.168.4.22
Layer2 path not through SW2 [192.168.4.22].
Layer2 trace aborted.

Troubleshooting Spanning Tree

Example

insert figure 4-9 on page 112

  1. Elect a root bridge
    1. based in lowest BID
  2. Select a root port on each switch.
    1. Least cost to Root bridge
      1. Ties broken by lowest upstream BID
      2. Further ties are broken by lowest port ID
  3. Elect a designated device/port on each network segment
    1. Based on lowest cost to Root bridge.
      1. Ties are broken on BID
      2. Further ties are broken by lowest port ID
  4. Ports that ended up as neither a root port nor a designated port go into [[Spanning_tree_protocol#STP_Port_States|blocking] state

Analyzing Spanning Tree

show spanning-tree

SW1#<input>show spanning-tree vlan 10</input>
MST01
  Spanning tree enabled protocol mstp
  Root ID    Priority    24577
             Address     0019.e751.0880
             <notice>This bridge is the root</notice>
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24577  (priority 24576 sys-id-ext 1)
             Address     0019.e751.0880
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/1            Desg FWD 20000     128.1    P2p
Gi0/2            Desg FWD 20000     128.2    P2p
Gi0/12           Desg FWD 20000     128.12   P2p

Another example

SW1#<input>show spanning-tree interface gigabitEthernet 0/2 detail</input>
 Port 2 (GigabitEthernet0/2) of <notice>MST00</notice> is designated forwarding
   Port path cost 20000, Port priority 128, Port Identifier 128.2.
   Designated root has priority 32768, address 0014.f273.96c0
   Designated bridge has priority 32768, address 0019.e751.0880
   Designated port id is 128.2, designated path cost 0
   Timers: message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state: 2
   Link type is point-to-point by default, Internal
   Bpdu filter is enabled internally
   BPDU: sent 1530609, received 9

 Port 2 (GigabitEthernet0/2) of <notice>MST01</notice> is designated forwarding
   Port path cost 20000, Port priority 128, Port Identifier 128.2.
   Designated root has priority 24577, address 0019.e751.0880
   Designated bridge has priority 24577, address 0019.e751.0880
   Designated port id is 128.2, designated path cost 0
   Timers: message age 0, forward delay 0, hold 0
   Number of transitions to forwarding state: 2
   Link type is point-to-point by default, Internal
   Bpdu filter is enabled internally
   BPDU: sent 1530609, received 9

Template:IP CEF Cisco

Etherchannel operation

Common Etherchannel problems

Inconsistensies between the physical ports that are member of a channel

  • Must have same speed, duplex, trunk or access port status.
    • Same native VLAN when trunking
    • Same access VLAN when access port

Log message

%EC-5-CANNOT_BUNDLE2

Inconsistensies between the ports on the opposite sides of the EtherChannel link

If the switch on the other side is not configured to a etherchannel by discovering inconsistencies in the spanning tree.

Log message

%SPANTREE-2-CHNL_MISCFG

Uneven distribution of traffic between EtherChannel bundle members

See EtherChannel#Distributing_traffic_in_the_EtherChannel

Show commands

  • show etherchannel summary
  • show etherchannel 1 detail

Troubleshooting SVI and Inter-VLAN Routing