CCNP Course Institute in Delhi

Tuesday, December 14, 2010

Advanced Cisco Catalyst Switch Troubleshooting CCNA Professional Study Center in Delhi Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192

Chapter 5: Advanced Cisco Catalyst Switch Troubleshooting 111
Table 5-2 lists the characteristics that Layer 3 switches and routers have in common, as
well as those characteristics that differ.
Control Plane and Data Plane Troubleshooting
Many router and Layer 3 switch operations can be categorized as control plane or data
plane operations. For example, routing protocols operate in a router’s control plane,
whereas the actual forwarding of data is handled by a router’s data plane.
Fortunately, the processes involved in troubleshooting control plane operations are identical
on both Layer 3 switch and router platforms. For example, the same command-line
interface (CLI) commands could be used to troubleshoot an Open Shortest Path First
(OSPF) issue on both types of platforms.
Data plane troubleshooting, however, can vary between Layer 3 switches and routers. For
example, if you were troubleshooting data throughput issues, the commands you issued
might vary between types of platforms, because Layer 3 switches and routers have fundamental
differences in the way traffic is forwarded through the device.
First, consider how a router uses Cisco Express Forwarding (CEF) to efficiently forward
traffic through a router. CEF creates a couple of tables that reside at the data plane. These
are the forwarding information base (FIB) and the adjacency table. These tables are
constructed from information collected from the router’s control plane (for example, the
control plane’s IP routing table and Address Resolution Protocol [ARP] cache). When
troubleshooting a router, you might check control plane operations with commands such
as show ip route. However, if the observed traffic behavior seems to contradict information
shown in the output of control plane verification commands, you might want to examine
information contained in the router’s CEF Forwarding Information Base (FIB) and
adjacency tables. You can use the commands presented in Table 5-3 to view information
contained in a router’s FIB and adjacency table.

Table 5-2 Layer 3 Switch and Router Characteristics: Compare and Contrast

Layer 3 Switch/Router Shared Characteristics
■ Both can build and maintain a routing table using both statically configured routes and
dynamic routing protocols.
■ Both can make packet forwarding decisions based on Layer 3 information (for example,
IP addresses).

Layer 3 Switch/Router Differentiating Characteristics
■ Routers usually support a wider selection of interface types (for example, non-Ethernet
interfaces).
■ Switches leverage application-specific integrated circuits (ASIC) to approach wire speed
throughput. Therefore, most Layer 3 switches can forward traffic faster than their router
counterparts.
■ A Cisco IOS version running on routers typically supports more features than a Cisco IOS
version running on a Layer 3 switch, because many switches lack the specialized hardware
required to run many of the features available on a router.

112 CCNP TSHOOT 642-832 Official Certification Guide

Table 5-3 Router Data Plane Verification Commands

Command          Description
show ip cef      Displays the router’s Layer 3 forwarding information, in addition to
                 multicast, broadcast, and local IP addresses.
show adjacency   Verifies that a valid adjacency exists for a connected host.

Example 5-1 and Example 5-2 provide sample output from the show ip cef and show
adjacency commands, respectively.
Example 5-1 show ip cef Command Output
R4# show ip cef
Prefix Next Hop Interface
0.0.0.0/0 10.3.3.1 FastEthernet0/0
0.0.0.0/32 receive
10.1.1.0/24 10.3.3.1 FastEthernet0/0
10.1.1.2/32 10.3.3.1 FastEthernet0/0
10.3.3.0/24 attached FastEthernet0/0
10.3.3.0/32 receive
10.3.3.1/32 10.3.3.1 FastEthernet0/0
10.3.3.2/32 receive
10.3.3.255/32 receive
10.4.4.0/24 10.3.3.1 FastEthernet0/0
10.5.5.0/24 10.3.3.1 FastEthernet0/0
10.7.7.0/24 10.3.3.1 FastEthernet0/0
10.7.7.2/32 10.3.3.1 FastEthernet0/0
10.8.8.0/24 attached FastEthernet0/1
10.8.8.0/32 receive
10.8.8.1/32 receive
10.8.8.4/32 10.8.8.4 FastEthernet0/1
10.8.8.5/32 10.8.8.5 FastEthernet0/1
10.8.8.6/32 10.8.8.6 FastEthernet0/1
10.8.8.7/32 10.8.8.7 FastEthernet0/1
10.8.8.255/32 receive
192.168.0.0/24 10.3.3.1 FastEthernet0/0
224.0.0.0/4 drop
224.0.0.0/24 receive
255.255.255.255/32 receive
Example 5-2 show adjacency Command Output
R4# show adjacency
Protocol Interface Address
IP FastEthernet0/0 10.3.3.1(21)
IP FastEthernet0/1 10.8.8.6(5)
IP FastEthernet0/1 10.8.8.7(5)
IP FastEthernet0/1 10.8.8.4(5)
IP FastEthernet0/1 10.8.8.5(5)
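
The data plane check described above can be reproduced offline from captured command output. The following Python example is added here and is not part of the book: it parses a subset of the R4 output from Examples 5-1 and 5-2, performs a longest-prefix match against the FIB, and confirms that the adjacency the match depends on is present. The function names and the result labels ("forward", "adjacency-missing", "no-fib-entry") are illustrative assumptions.

```python
import ipaddress

# Subset of the R4 output shown in Example 5-1 and Example 5-2 on this page.
SHOW_IP_CEF = """\
Prefix Next Hop Interface
0.0.0.0/0 10.3.3.1 FastEthernet0/0
10.3.3.0/24 attached FastEthernet0/0
10.3.3.1/32 10.3.3.1 FastEthernet0/0
10.3.3.2/32 receive
10.8.8.0/24 attached FastEthernet0/1
10.8.8.1/32 receive
10.8.8.4/32 10.8.8.4 FastEthernet0/1
10.8.8.6/32 10.8.8.6 FastEthernet0/1
192.168.0.0/24 10.3.3.1 FastEthernet0/0
224.0.0.0/4 drop
224.0.0.0/24 receive
"""
SHOW_ADJACENCY = """\
Protocol Interface Address
IP FastEthernet0/0 10.3.3.1(21)
IP FastEthernet0/1 10.8.8.6(5)
IP FastEthernet0/1 10.8.8.4(5)
"""


def parse_fib(text):
    """Parse 'show ip cef' lines into (network, next_hop_or_keyword, interface)."""
    fib = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) < 2 or "/" not in cols[0]:
            continue  # header or blank line
        iface = cols[2] if len(cols) > 2 else None
        fib.append((ipaddress.ip_network(cols[0]), cols[1], iface))
    return fib


def parse_adjacency(text):
    """Parse 'show adjacency' lines into a set of (interface, neighbor_ip)."""
    adj = set()
    for line in text.splitlines():
        cols = line.split()
        if len(cols) == 3 and cols[0] == "IP":
            # Drop the parenthesised counter that follows the address.
            adj.add((cols[1], cols[2].split("(")[0]))
    return adj


def data_plane_lookup(dst, fib, adj):
    """Longest-prefix match in the FIB, then confirm the adjacency it needs."""
    addr = ipaddress.ip_address(dst)
    matches = [entry for entry in fib if addr in entry[0]]
    if not matches:
        return (None, "no-fib-entry", None)
    net, hop, iface = max(matches, key=lambda entry: entry[0].prefixlen)
    if hop in ("receive", "drop"):
        return (str(net), hop, iface)
    # "attached": the destination is on the connected subnet, so the
    # Layer 2 neighbor is the destination host itself, not a next-hop router.
    neighbor = dst if hop == "attached" else hop
    state = "forward" if (iface, neighbor) in adj else "adjacency-missing"
    return (str(net), state, iface)


if __name__ == "__main__":
    fib, adj = parse_fib(SHOW_IP_CEF), parse_adjacency(SHOW_ADJACENCY)
    for dst in ("192.168.0.10", "10.8.8.6", "10.8.8.9", "10.8.8.1", "224.0.0.5"):
        print(dst, data_plane_lookup(dst, fib, adj))
```

An "adjacency-missing" result for a host on an attached subnet (10.8.8.9 here) is the case the show adjacency command is meant to expose: the FIB has a covering prefix, but no Layer 2 rewrite information exists yet for that host.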
Although many Layer 3 switches also leverage CEF to efficiently route packets, some
Cisco Catalyst switches take the information contained in CEF’s FIB and adjacency table
and compile that information into Ternary Content Addressable Memory (TCAM). This
special memory type uses a mathematical algorithm to very quickly look up forwarding
information.
The specific way a switch’s TCAM operates depends on the switch platform. However,
from a troubleshooting perspective, you can examine information stored in a switch’s
TCAM using the show platform series of commands on Cisco Catalyst 3560, 3750, and
4500 switches. Similarly, TCAM information for a Cisco Catalyst 6500 switch can be
viewed with the show mls cef series of commands.
Comparing Routed Switch Ports and Switched Virtual Interfaces
On a router, an interface often has an IP address, and that IP address might be acting as a default
gateway to hosts residing off of that interface. However, if you have a Layer 3 switch
with multiple ports belonging to a VLAN, where should the IP address be configured?
You can configure the IP address for a collection of ports belonging to a VLAN under a
virtual VLAN interface. This virtual VLAN interface is called a Switched Virtual Interface
(SVI). Figure 5-2 shows a topology using SVIs, and Example 5-3 shows the corresponding
configuration. Notice that two SVIs are created: one for each VLAN (that is,
VLAN 100 and VLAN 200). An IP address is assigned to an SVI by going into interface
configuration mode for a VLAN. In this example, because both SVIs are local to the
switch, the switch’s routing table knows how to forward traffic between members of the
two VLANs.
Figure 5-2 SVI Used for Routing (switch SW1: ports Gig 0/7 and Gig 0/8 in VLAN 100, ports Gig 0/9 and Gig 0/10 in VLAN 200; SVI VLAN 100 is 192.168.1.1/24, SVI VLAN 200 is 192.168.2.1/24)

Example 5-3 SVI Configuration
Cat3550# show run
...OUTPUT OMITTED...
!
interface GigabitEthernet0/7
 switchport access vlan 100
 switchport mode access
!
interface GigabitEthernet0/8
 switchport access vlan 100
 switchport mode access
!
interface GigabitEthernet0/9
 switchport access vlan 200
 switchport mode access
!
interface GigabitEthernet0/10
 switchport access vlan 200
 switchport mode access
!
...OUTPUT OMITTED...
!
interface Vlan100
 ip address 192.168.1.1 255.255.255.0
!
interface Vlan200
 ip address 192.168.2.1 255.255.255.0

Although SVIs can route between VLANs configured on a switch, a Layer 3 switch can be
configured to act more as a router (for example, in an environment where you are replacing
a router with a Layer 3 switch) by using routed ports on the switch. Because the ports on
many Cisco Catalyst switches default to operating as switch ports, you can issue the no
switchport command in interface configuration mode to convert a switch port to a routed
port. Figure 5-3 and Example 5-4 illustrate a Layer 3 switch with its Gigabit Ethernet 0/9
and 0/10 ports configured as routed ports.
Figure 5-3 Routed Ports on a Layer 3 Switch (R1 Fa 0/0, 192.168.1.1/24, connects to SW1 Gig 0/9, 192.168.1.2/24; SW1 Gig 0/10, 192.168.2.2/24, connects to R2 Fa 0/0, 192.168.2.1/24)

Example 5-4 Configuration for Routed Ports on a Layer 3 Switch
Cat3550# show run
...OUTPUT OMITTED...
!
interface GigabitEthernet0/9
 no switchport
 ip address 192.168.1.2 255.255.255.0
!
interface GigabitEthernet0/10
 no switchport
 ip address 192.168.2.2 255.255.255.0
!
...OUTPUT OMITTED...

When troubleshooting Layer 3 switching issues, keep the following distinctions in mind
between SVIs and routed ports:
■ A routed port is considered to be in the down state if it is not operational at both
Layer 1 and Layer 2.
■ An SVI is considered to be in a down state only when none of the ports in the corresponding
VLAN are active.
■ A routed port does not run switch port protocols such as Spanning Tree Protocol
(STP) or Dynamic Trunking Protocol (DTP).

Router Redundancy Troubleshooting
Many devices, such as PCs, are configured with a default gateway. The default gateway
parameter identifies the IP address of a next-hop router. As a result, if that router were to
become unavailable, devices that relied on the default gateway’s IP address would be unable
to send traffic off their local subnet.
Fortunately, Cisco offers technologies that provide next-hop gateway redundancy. These
technologies include HSRP, VRRP, and GLBP.
This section reviews the operation of these three first-hop redundancy protocols and
provides a collection of Cisco IOS commands that can be used to troubleshoot an issue
with one of these three protocols.
Note that although this section discusses router redundancy, keep in mind that the term
router is referencing a device making forwarding decisions based on Layer 3 information.
Therefore, in your environment, a Layer 3 switch might be used in place of a router to support
HSRP, VRRP, or GLBP.

HSRP
Hot Standby Router Protocol (HSRP) uses virtual IP and MAC addresses. One router,
known as the active router, services requests destined for the virtual IP and MAC addresses.
Another router, known as the standby router, can service such requests in the
event the active router becomes unavailable. Figure 5-4 illustrates a basic HSRP topology.
Examples 5-5 and 5-6 show the HSRP configuration for routers R1 and R2.

Figure 5-4 Basic HSRP Operation (HSRP group 10: active router R1, Fa 0/0, 172.16.1.1; standby router R2, e 0/0, 172.16.1.2; virtual router 172.16.1.3; Workstation A uses next-hop gateway 172.16.1.3)

Example 5-5 HSRP Configuration on Router R1
R1# show run
...OUTPUT OMITTED...
interface FastEthernet0/0
 ip address 172.16.1.1 255.255.255.0
 standby 10 ip 172.16.1.3
 standby 10 priority 150
 standby 10 preempt
...OUTPUT OMITTED...

Example 5-6 HSRP Configuration on Router R2
R2# show run
...OUTPUT OMITTED...
interface Ethernet0/0
 ip address 172.16.1.2 255.255.255.0
 standby 10 ip 172.16.1.3
...OUTPUT OMITTED...

Notice that both routers R1 and R2 have been configured with the same virtual IP address
of 172.16.1.3 for an HSRP group of 10. Router R1 is configured to be the active router
with the standby 10 priority 150 command. Router R2 has a default HSRP priority of
100 for group 10, and with HSRP, higher priority values are preferred. Also, notice
that router R1 is configured with the standby 10 preempt command, which means that if
router R1 loses its active status, perhaps because it is powered off, it will regain its active
status when it again becomes available.
Converging After a Router Failure
By default, HSRP sends hello messages every three seconds. Also, if the standby router
does not hear a hello message within ten seconds by default, the standby router considers
the active router to be down. The standby router then assumes the active role.
Although this ten-second convergence time applies for a router becoming unavailable for a
reason such as a power outage or a link failure, convergence happens more rapidly if an interface
is administratively shut down. Specifically, an active router sends a resign message
if its active HSRP interface is shut down.
Also, consider the addition of another router to the network segment whose HSRP priority
for group 10 is higher than 150. If it were configured for preemption, the newly added
router would send a coup message, to inform the active router that the newly added router
was going to take on the active role. If, however, the newly added router were not configured
for preemption, the currently active router would remain the active router.
HSRP Verification and Troubleshooting
When verifying an HSRP configuration or troubleshooting an HSRP issue, you should begin
by determining the following information about the HSRP group under inspection:
■ Which router is the active router
■ Which routers, if any, are configured with the preempt option
■ What is the virtual IP address
■ What is the virtual MAC address
The show standby brief command can be used to show a router’s HSRP interface, HSRP
group number, and preemption configuration. Additionally, this command identifies the
router that is currently the active router, the router that is currently the standby router, and
the virtual IP address for the HSRP group. Examples 5-7 and 5-8 show the output from
the show standby brief command issued on routers R1 and R2, where router R1 is currently
the active router.
Example 5-7 show standby brief Command Output on Router R1
R1# show standby brief
P indicates configured to preempt.
Interface   Grp  Prio  P  State    Active       Standby      Virtual IP
Fa0/0       10   150   P  Active   local        172.16.1.2   172.16.1.3

Example 5-8 show standby brief Command Output on Router R2
R2# show standby brief
P indicates configured to preempt.
Interface   Grp  Prio  P  State    Active       Standby      Virtual IP
Et0/0       10   100      Standby  172.16.1.1   local        172.16.1.3

In addition to an interface’s HSRP group number, the interface’s state, and the HSRP
group’s virtual IP address, the show standby interface_id command also displays the
HSRP group’s virtual MAC address. Issuing this command on router R1, as shown in
Example 5-9, shows that the virtual MAC address for HSRP group 10 is 0000.0c07.ac0a.

Example 5-9 show standby fa 0/0 Command Output on Router R1
R1# show standby fa 0/0
FastEthernet0/0 - Group 10
  State is Active
  1 state change, last state change 01:20:00
  Virtual IP address is 172.16.1.3
  Active virtual MAC address is 0000.0c07.ac0a
  Local virtual MAC address is 0000.0c07.ac0a (v1 default)
  Hello time 3 sec, hold time 10 sec
  Next hello sent in 1.044 secs
  Preemption enabled
  Active router is local
  Standby router is 172.16.1.2, priority 100 (expires in 8.321 sec)
  Priority 150 (configured 150)
  IP redundancy name is "hsrp-Fa0/0-10" (default)

The default virtual MAC address for an HSRP group, as seen in Figure 5-5, is based on the
HSRP group number. Specifically, the virtual MAC address for an HSRP group begins
with a vendor code of 0000.0c, followed with a well-known HSRP code of 07.ac. The last
two hexadecimal digits are the hexadecimal representation of the HSRP group number.
For example, an HSRP group of 10 yields a default virtual MAC address of
0000.0c07.ac0a, because 10 in decimal equates to 0a in hexadecimal.

Figure 5-5 HSRP Virtual MAC Address (for HSRP group 10, 0000.0c07.ac0a: 0000.0c is the vendor code, 07.ac is the well-known HSRP code, 0a is the HSRP group number in hex)

Once you know the current HSRP configuration, you might then check to see if a host on
the HSRP virtual IP address’ subnet can ping the virtual IP address. Based on the topology
previously shown in Figure 5-4, Example 5-10 shows a successful ping from Workstation A.
Example 5-10 Ping Test from Workstation A to the HSRP Virtual IP Address
C:\>ping 172.16.1.3
Pinging 172.16.1.3 with 32 bytes of data:
Reply from 172.16.1.3: bytes=32 time=2ms TTL=255
Reply from 172.16.1.3: bytes=32 time=1ms TTL=255
Reply from 172.16.1.3: bytes=32 time=1ms TTL=255
Reply from 172.16.1.3: bytes=32 time=1ms TTL=255
Ping statistics for 172.16.1.3:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
A client can also be used to verify that the virtual MAC address it learned via ARP matches
the virtual MAC address reported by one of the HSRP routers.
Example 5-11 shows Workstation A’s ARP cache entry for the HSRP virtual IP address of
172.16.1.3. Notice in the output that the MAC address learned via ARP does match the
HSRP virtual MAC address reported by one of the HSRP routers.
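
The two checks described above (the default virtual MAC address derived from the group number, and the client's ARP entry matching the MAC address the router reports) can be run against captured output. This Python example is added here and is not from the book; it uses the show standby output of Example 5-9 (trimmed) and the arp -a output of Example 5-11, and its function names are illustrative assumptions. It assumes HSRP version 1 default addressing, which the router output labels "v1 default".

```python
import re

# Vendor code 0000.0c followed by the well-known HSRP code 07.ac.
HSRP_V1_PREFIX = "00000c07ac"

# Output taken from Example 5-9 (trimmed) and Example 5-11 on this page.
SHOW_STANDBY = """\
FastEthernet0/0 - Group 10
State is Active
Virtual IP address is 172.16.1.3
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
"""
ARP_A = """\
Interface: 172.16.1.4 --- 0x4
Internet Address Physical Address Type
172.16.1.3 00-00-0c-07-ac-0a dynamic
"""


def normalize_mac(mac):
    """Reduce Cisco (0000.0c07.ac0a) or Windows (00-00-0c-07-ac-0a) notation to 12 hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def default_hsrp_mac(group):
    """Default HSRP v1 virtual MAC: fixed prefix plus the group number as two hex digits."""
    if not 0 <= group <= 255:
        raise ValueError("HSRP v1 group numbers fit in one byte (0-255)")
    return HSRP_V1_PREFIX + format(group, "02x")


def parse_show_standby(text):
    """Return (group, virtual_ip, active_virtual_mac) from 'show standby <interface>' output."""
    group = int(re.search(r"- Group (\d+)", text).group(1))
    vip = re.search(r"Virtual IP address is (\S+)", text).group(1)
    mac = re.search(r"Active virtual MAC address is (\S+)", text).group(1)
    return group, vip, normalize_mac(mac)


def parse_arp(text):
    """Return {ip: mac} from Windows 'arp -a' output, skipping header lines."""
    entry = re.compile(
        r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9A-Fa-f]{2}(?:-[0-9A-Fa-f]{2}){5})\s+\w+"
    )
    table = {}
    for line in text.splitlines():
        m = entry.match(line)
        if m:
            table[m.group(1)] = normalize_mac(m.group(2))
    return table


def check_gateway(standby_text, arp_text):
    """Compare the router's view of the virtual MAC with the client's ARP cache."""
    group, vip, router_mac = parse_show_standby(standby_text)
    findings = []
    if router_mac != default_hsrp_mac(group):
        findings.append("router virtual MAC is not the group default")
    client_mac = parse_arp(arp_text).get(vip)
    if client_mac is None:
        findings.append("client has no ARP entry for the virtual IP")
    elif client_mac != router_mac:
        findings.append("client ARP entry differs from router virtual MAC")
    return findings


if __name__ == "__main__":
    print(check_gateway(SHOW_STANDBY, ARP_A) or "virtual MAC is consistent")
```

An empty result means the client resolved the virtual IP address to the same MAC address the active router reports, and that address is the default for the group.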

Example 5-11 Workstation A’s ARP Cache
C:\>arp -a
Interface: 172.16.1.4 --- 0x4
  Internet Address      Physical Address      Type
  172.16.1.3            00-00-0c-07-ac-0a     dynamic

You can use the debug standby terse command to view important HSRP changes, such as
a state change. Example 5-12 shows this debug output on router R2 because router R1’s
Fast Ethernet 0/0 interface is shut down. Notice that router R2’s state changes from
Standby to Active.

Example 5-12 debug standby terse Command Output on Router R2: Changing HSRP to Active
R2#
*Mar 1 01:25:45.930: HSRP: Et0/0 Grp 10 Standby: c/Active timer expired (172.16.1.1)
*Mar 1 01:25:45.930: HSRP: Et0/0 Grp 10 Active router is local, was 172.16.1.1
*Mar 1 01:25:45.930: HSRP: Et0/0 Grp 10 Standby router is unknown, was local
*Mar 1 01:25:45.930: HSRP: Et0/0 Grp 10 Standby -> Active
*Mar 1 01:25:45.930: %HSRP-6-STATECHANGE: Ethernet0/0 Grp 10 state Standby -> Active
*Mar 1 01:25:45.930: HSRP: Et0/0 Grp 10 Redundancy "hsrp-Et0/0-10" state Standby -> Active
*Mar 1 01:25:48.935: HSRP: Et0/0 Grp 10 Redundancy group hsrp-Et0/0-10 state Active -> Active
*Mar 1 01:25:51.936: HSRP: Et0/0 Grp 10 Redundancy group hsrp-Et0/0-10 state Active -> Active

When router R1’s Fast Ethernet 0/0 interface is administratively brought up, router R1 reassumes
its previous role as the active HSRP router for HSRP group 10, because router R1 is
configured with the preempt option. The output shown in Example 5-13 demonstrates
how router R2 receives a coup message, letting router R2 know that router R1 is taking
back its active role.

Example 5-13 debug standby terse Command Output on Router R2: Changing HSRP to Standby
R2#
*Mar 1 01:27:57.979: HSRP: Et0/0 Grp 10 Coup in 172.16.1.1 Active pri 150 vIP 172.16.1.3
*Mar 1 01:27:57.979: HSRP: Et0/0 Grp 10 Active: j/Coup rcvd from higher pri router (150/172.16.1.1)
*Mar 1 01:27:57.979: HSRP: Et0/0 Grp 10 Active router is 172.16.1.1, was local
*Mar 1 01:27:57.979: HSRP: Et0/0 Grp 10 Active -> Speak
*Mar 1 01:27:57.979: %HSRP-6-STATECHANGE: Ethernet0/0 Grp 10 state Active -> Speak
*Mar 1 01:27:57.979: HSRP: Et0/0 Grp 10 Redundancy "hsrp-Et0/0-10" state Active -> Speak
*Mar 1 01:28:07.979: HSRP: Et0/0 Grp 10 Speak: d/Standby timer expired (unknown)
*Mar 1 01:28:07.979: HSRP: Et0/0 Grp 10 Standby router is local
*Mar 1 01:28:07.979: HSRP: Et0/0 Grp 10 Speak -> Standby
*Mar 1 01:28:07.979: HSRP: Et0/0 Grp 10 Redundancy "hsrp-Et0/0-10" state Speak -> Standby

VRRP
Virtual Router Redundancy Protocol (VRRP), similar to HSRP, allows a collection of
routers to service traffic destined for a single IP address. Unlike HSRP, the IP address serviced
by a VRRP group does not have to be a virtual IP address. The IP address can be the
address of a physical interface on the virtual router master, which is the router responsible
for forwarding traffic destined for the VRRP group’s IP address. A VRRP group can
have multiple routers acting as virtual router backups, as shown in Figure 5-6, any of
which could take over in the event of the virtual router master becoming unavailable.

Figure 5-6 Basic VRRP Operation (routers R1, R2, and R3 with addresses 172.16.1.1, 172.16.1.2, and 172.16.1.3: one virtual router master and two virtual router backups; virtual router group IP address 172.16.1.1; Workstation A uses next-hop gateway 172.16.1.1)

GLBP
Global Load Balancing Protocol (GLBP) can load balance traffic destined for a next-hop
gateway across a collection of routers, known as a GLBP group. Specifically, when a
client sends an Address Resolution Protocol (ARP) request, in an attempt to determine the
MAC address corresponding to a known IP address, GLBP can respond with the MAC address
of one member of the GLBP group. The next such request would receive a response
containing the MAC address of a different member of the GLBP group, as depicted in
Figure 5-7. Specifically, GLBP has one active virtual gateway (AVG), which is responsible
for replying to ARP requests from hosts. However, multiple routers acting as active virtual
forwarders (AVFs) can forward traffic.

Figure 5-7 Basic GLBP Operation (routers R1 and R2, GLBP IP address 172.16.1.3: one router is the active virtual gateway (AVG) and an active virtual forwarder (AVF) with virtual MAC AAAA.AAAA.AAAA.0001, the other is an AVF with virtual MAC AAAA.AAAA.AAAA.0002; the ARP replies give one workstation next-hop gateway 172.16.1.3 with a MAC of AAAA.AAAA.AAAA.0001 and the other workstation the same gateway with a MAC of AAAA.AAAA.AAAA.0002)

Troubleshooting VRRP and GLBP
Because VRRP and GLBP perform a similar function to HSRP, you can use a similar
troubleshooting philosophy. Much like HSRP’s show standby brief command, similar
information can be gleaned for VRRP operation with the show vrrp brief command and
for GLBP operation with the show glbp brief command.
Although HSRP, VRRP, and GLBP have commonalities, it is important for you as a troubleshooter
to understand the differences. Table 5-4 compares several characteristics of
these first-hop router redundancy protocols.

Table 5-4 Comparing HSRP, VRRP, and GLBP

Characteristic                                        HSRP        VRRP       GLBP
Cisco proprietary                                     Yes         No         No
Interface IP address can act as virtual IP address    No          Yes        No
More than one router in a group can simultaneously
forward traffic for that group                        No          No         Yes
Hello timer default value                             3 seconds   1 second   3 seconds
