Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192
This section reviews troubleshooting for common routing protocols. A more theoretical explanation of the working of the
protocols is available in the BSCI Quick Reference Guide.
Network Layer Connectivity
Routers use three tables to make routing decisions: the routing table, ARP table, and CEF mappings
The routing table is visible using show ip route. Each entry in the routing table has an output interface or next hop.
Packets are routed per the routing table, matching the longest prefix match first and then by other metrics determined by
that IGP’s algorithm.
When a determination of the next hop has been made, the router needs to turn this information into a destination Layer 2
address. For this purpose, mapping tables are maintained that match Layer 2 and Layer 3 addresses. The ARP table (show
ip arp) and the frame-relay map (show frame-relay map) are examples of this.
Cisco Express Forwarding (CEF) is the common switching method found on most Cisco gear. CEF combines information
from the routing table and the various mapping tables to optimize routing and to optimize the construction of new Layer
2 headers. CEF entries may be viewed using show ip cef and associated commands.
[ 55 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
Routing Protocols
Routing protocols are mechanisms that enable routers to share information about the structure of the network. Regardless
of the protocol, troubleshooting routing protocol issues have some basic logic that is true for any routing protocol.
Troubleshooting routing issues always starts with looking at the routing table. Use ping to test connectivity, show ip
route to inspect the routing table to see if the route is present, and traceroute to inspect how traffic is forwarding. show
ip protocols displays information about the current routing protocols, such as autonomous system and timer values.
Troubleshooting routing issues can be summarized by answering three basic questions:
1. Is the correct route advertised?
2. Is the correct route communicated?
3. Is there a more desirable path (lower AD or longer prefix length)?
EIGRP
After determining that there is a routing problem in EIGRP using the routing table or ping, follow the three basic steps to
troubleshooting.
EIGRP stores information in three tables that can be interrogated.
Table Command
Interface table: Lists EIGRP-enabled interfaces Show ip eigrp interface
Neighbor table: Lists discovered neighbors Show ip eigrp neighbors
Topology table: Complete list of received EIGRP routes Show ip eigrp topology
[ 56 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
Is the Correct Route Advertised?
Verify that the router attached to the destination subnet is advertising the route. There are several ways to see the advertised
subnets; two good ways are either direct interrogation of the running configuration using show running-config |
section eigrp or by reviewing the protocol settings using show ip protocol (shown here):
Hickory-rtr01#show ip protocol
Routing Protocol is “eigrp 10”
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 1
Redistributing: eigrp 100, bgp 65096
EIGRP NSF-aware route hold timer is 240s
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
Passive Interface(s):
GigabitEthernet0/1
Routing Information Sources:
Gateway Distance Last Update
10.1.4.254 90 00:39:11
10.1.4.253 90 00:38:55
Distance: internal 90 external 170
[ 57 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
EIGRP also advertises only subnets of interfaces that match a network statement. show ip protocol provides the matching
network statements.
Is the Correct Route Communicated?
EIGRP shares only routes with neighbors—devices with which it has exchanged hellos. Verify that connected devices are
neighbors using show ip eigrp neighbors. debug ip eigrp packets should show hellos and updates if devices are
connected, and debug ip eigrp should show details about the contained routing information communicated.
EIGRP neighborship requires bidirectional communication, authentication, that the AS be the same, and that timers are
close to the same. EIGRP also sends only hellos over interfaces that match a network statement. If a router hasn’t identified
a link as an EIGRP link in this way, it will not send hellos and it will not form neighborship. EIGRP values, such as
timers, and a list of EIGRP interfaces is available through show ip eigrp interfaces:
Hickory-rtr01#show ip eigrp neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 10.1.4.253 Gi0/0 14 2w0d 1 200 0 1797
0 10.1.4.254 Gi0/0 14 2w0d 1 200 0 729
Hickory-rtr01#show ip eigrp interface
IP-EIGRP interfaces for process 100
Xmit Queue Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable SRTT Un/Reliable Flow Timer Routes
Gi0/0 2 0/0 1 0/1 50 0
Lo0 0 0/0 0 0/1 0 0
[ 58 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
If the devices are neighbors, routes could be blocked using distribution lists or route-maps. Distribution lists would be
listed in show ip protocol.
Is There a More Desirable Path?
Finally, if the route is not in the routing table, use show ip eigrp topology to see if the route is known to EIGRP. It could
be that the route is known, but there is a more desirable path. show ip route shows only the selected EIGRP route. To see
all known EIGRP routes, use show ip eigrp topology.
OSPF
Three OSPF tables can be reviewed in troubleshooting. A fourth—the Routing Information Base—is used to store SPF
calculations but is largely unavailable to the administrator.
Table Command
Interface table: Lists OSPF-enabled interfaces Show ip ospf interface
Neighbor table: Lists discovered neighbors Show ip ospf neighbors
Link State Database: LSAs received Show ip ospf database
If a routing problem exists in OSPF, follow the same basic steps to troubleshooting.
Is the Correct Route Advertised?
Verify that the router attached to the destination subnet is advertising the route. Advertised subnets are visible using either
show running-config | section ospf or by reviewing show ip protocol.
OSPF also limits advertisements to the subnets of interfaces that match network statements. show ip protocol provides
the matching network statements. show ip ospf statistics can also help by showing how often SPF is running, potentially
showing network instability.
[ 59 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
Is the Correct Route Communicated?
OSPF shares routes with neighbors. Verify that connected devices are neighbors using show ip ospf neighbors. show ip
ospf database displays the link state information. debug ip ospf adj should show issues preventing neighborship.
OSPF neighborship requires six parameters to agree:
n Bidirectional communication.
n Equal timer values.
n Matching AS number.
n Routers must agree on the type of their common area.
n Routers must agree on the prefix of their common subnet.
n Authentication, if used, must agree on type and password.
OSPF sends only Hellos over interfaces that match a network statement. If a link does not match a network entry, no
Hellos will be transmitted and no neighbors will form over the link. OSPF protocol values can be seen using show ip
ospf interfaces.
If the devices are neighbors, routes could be blocked at boundary routers using distribution lists or route-maps.
Distribution lists would be listed in show ip protocol.
Is There a More Desirable Path?
It is possible that OSPF has chosen an unexpected path to a destination. It could also be that routes from other routing
protocols are present with a lower administrative distance or that an intermediate system has a static route. Checking
routing tables along the expected path is the best way to reveal this.
[ 60 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
BGP
BGP maintains two tables outside of the routing table, one for neighbors and one for BGP routing information.
Table Command
Neighbor table: Lists neighbors Show ip bgp neighbors
BGP table: Contains all received BGP prefixes and associated attributes, as well as showing the BGP best path Show ip bgp
BGP troubleshooting can also follow the three basic steps.
Is the Correct Route Advertised?
Verify that the router attached to the destination subnet is advertising the route. This can be seen from the running configuration
(show running-config | section bgp) or the BGP table (show ip bgp—self-originated routes have a next hop of
0.0.0.0).
BGP advertises only explicitly identified prefixes for which there is a matching route from another source (like a
connected route).
Is the Correct Route Communicated?
BGP communicates prefixes with administratively defined neighbors. Verify that defined neighbors are reachable using
ping and that they are neighbors by reviewing show ip bgp neighbors. A partial output from this is shown next—show ip
bgp neighbors includes considerable detail. debug ip bgp updates should show hellos and advertisements, and debug ip
bgp should show details about the contained routing information being communicated:
Hickory-rtr01#show ip bgp neighbor
BGP neighbor is 10.1.255.5, remote AS 4800, external link
BGP version 4, remote router ID 59.43.0.71
BGP state = Established, up for 2w0d
[ 61 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
Last read 00:00:15, last write 00:00:17, hold time is 90, keepalive interval i s 30 seconds
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 2 1162
Keepalives: 40808 40817
Route Refresh: 0 0
Total: 40811 41980
Default minimum time between advertisement runs is 30 seconds
…
BGP neighborship requires bidirectional communication, authentication, and that the AS match the expected AS. BGP
values, such as timers and AS, are available through show ip bgp.
If the devices are neighbors, routes could be blocked using distribution lists or route-maps. Distribution lists would be
listed in show ip protocol.
Is There a More Desirable Path?
If the route is not in the routing table, use show ip bgp to see if the route is known and valid. Routes can be invalidated if
the BGP next hop is unreachable; if so routing to this address must be recursively troubleshot. The following partial
example shows several routes that are valid and best, shown by the preceding *>.
[ 62 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
ahk-rtr01#sh ip bgp
BGP table version is 17312, local router ID is 10.254.254.12
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 182.225.207.13 0 65000 65097 i
*> 10.43.0.0/24 182.225.207.13 0 65000 65086 65042 i
*> 10.43.0.0/22 182.225.207.13 0 65000 65086 65042 i
*> 10.45.128.0/24 182.225.207.13 0 65000 65100 65044 i
*> 10.49.0.0/22 182.225.207.13 0 65000 65086 65300 i
*> 10.61.0.0/16 182.225.207.13 0 65000 65060 i
*> 10.63.0.0/20 182.225.207.13 0 65000 65062 i
*> 10.65.0.0/19 182.225.207.13 0 65000 65064 i
*> 10.71.0.0/16 182.225.207.13 0 65000 65086 65302 i
*> 10.87.0.0/16 182.225.207.13 0 65000 65086 i
…
Route Redistribution
Organization sometimes must support more than one routing protocol. For example, a business might use EIGRP within a
campus and BGP over the MPLS WAN. Routing information is passed between the protocols using redistribution.
Redistributed routes are treated as external in the receiving protocol.
Redistribution extracts routes from the routing table, so only routes that appear in the routing table will be exported. If
routes are not present, confirm the routes are present in the routing table at the redistribution point. You need to identify
and understand the interaction of all redistribution points. Creating a routing loop through multiple redistribution points is
quite possible.
[ 63 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
Because routing protocols use different metrics, redistributed routes lose routing information. Distance Vector routing
protocols, including EIGRP, assume that the metric for imported routes should be infinity unless another value is specified.
When redistributing into EIGRP, a default metric must be set or no routes will be imported! OSPF will import only
classful routes unless redistribute subnets is used, so this is also a point to review in troubleshooting.
In addition to protocol specific commands, debug ip routing can show routes as they are added or withdrawn from the
routing table.
If ip route profile is added to the config, the show ip route profile command shows routing table changes over consecutive
5-second intervals. This is particularly helpful to show that routes are flapping—being added and withdrawn continuously.
Router Performance
Routing protocol performance can be symptomatic of general router problems. Routing protocol problems can be seen if
the router CPU is overburdened or memory is fully utilized.
Transient events, such as SNMP communication or a heavy traffic load, can temporarily spike the CPU. High CPU
utilization is a concern when it becomes on-going. Signs of CPU oversubscription include dropped packets, increased
latency, slow response to telnet and console, and when the router skips routing updates.
Show process cpu can identify processes that are consuming CPU cycles. The ARP Input process consumes more cycles
if the router has to generate a large number of ARPs, for instance in response to malicious traffic. Net Background is used
to manage buffer space. IP Background is used whenever an interface changes state, utilization here could indicate a flapping
interface.
Show process cpu history displays the overall utilization as a bar graph. This is a nifty way to see if the current load is
an aberration or the norm.
[ 64 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 5
Troubleshooting Routing
A second general router issue is the router switching mode. There are three common modes:
n Process switching uses the CPU to process each packet. Process switching is CPU-intensive and reduces throughput
and increases jitter. It is turned on by using no ip route-cache.
n Fast switching uses the CPU to process an initial packet but then caches the result. It is less CPU-intensive, but
utilization still tracks the traffic load. It is turned on using ip route-cache, and the cache can be reviewed using
show ip cache.
n Cisco Express Forwarding (CEF) is the default switching mode. CEF is resilient to traffic load. It is turned on using
ip cef, and CEF entries can be seen by using show ip cef and show adjacency. CEF is required for some IOS
features, such as NBAR, WRED, and AutoQoS.
The interface switching mode is shown from the show ip interface command.
A third general router issue is router memory utilization. Memory is over-used when there is no available system memory
or when the memory is too fragmented to be useful.
One easy, but not pleasant, way to see a memory problem is to load a version of IOS that requires more RAM than is
present on the router. Memory can also be depleted by a memory leak—a bug that assigns memory to processes but does
not clean up when the process is complete. Memory leaks can be recognized over time using show memory allocatingprocess
totals and show memory dead and by researching known bugs within CCO. If found, the only solution is to
move to a known good version of IOS.
Memory leaks sometimes appear on interfaces as buffer leaks. Buffer leaks can be seen using show interface, where the
“input queue” shows buffer utilization. Show buffer also shows a buffer leak, here by looking at the number of free
buffers.
Finally, memory leaks are sometimes seen in BGP, which is a heavy consumer of memory in the best of times, so a
memory leak here can quickly bloom into a larger issue. show process memory | include bgp shows the memory utilization
of the four BGP processes. show diag can be used to evaluate memory used on the line cards.
No comments:
Post a Comment