Network Bulls
www.networkbulls.com
Ethernet is ubiquitous in campus networks and data centers. The movement to consolidate networks has collapsed storage,
virtualization, and telephony onto Ethernet, putting more traffic on it. Maintaining this critical infrastructure involves understanding
the component pieces: Spanning Tree, VLANs, InterVLAN routing, and gateway redundancy.
Poor forwarding performance on switches is usually associated with cabling and port problems, duplex mismatch, or
TCAM issues.
Problems at the physical layer can be seen from show interface, show interface counters and show interface counters
errors. Look for the following errors:
- Align-Err, runts: Alignment errors are usually associated with cabling, NICs, or duplex mismatch.
- FCS-Err: Frame Check Sequence errors are usually associated with a cabling issue.
- Xmit-Err: The transmission buffers are full. Commonly associated with switching a faster link to a slower link.
- Undersize, Giants: Suspect the transmitting NIC.
- Single-Col, Multi-Col, Late-Col, Excess-Col: Collisions are a sign of duplex mismatch.
An example of these commands is shown here.
Newton-Sw01#show interface fastethernet1/2
FastEthernet1/2 is up, line protocol is up (connected)
Hardware is C6k 100Mb 802.3, address is 001c.58c8.ac92 (bia 001c.58c8.ac92)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 69 for more details.
CCNP TSHOOT 642-832 Quick Reference by Brent Stewart
www.CareerCert.info
CHAPTER 4
Troubleshooting Switches
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:43, output hang never
Last clearing of “show interface” counters 6w5d
Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
1 minute input rate 0 bits/sec, 0 packets/sec
1 minute output rate 7000 bits/sec, 9 packets/sec
4182737 packets input, 719363170 bytes, 0 no buffer
Received 5970 broadcasts (174 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
45957071 packets output, 19815895675 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
Newton-Sw01#sh interface counters
Port        InOctets   InUcastPkts   InMcastPkts   InBcastPkts
Fa1/1        6658590         73024            27            95
Fa1/2      719363238       4176768           174          5796
…
Newton-Sw01#sh interface counters errors
Port        Align-Err    FCS-Err   Xmit-Err    Rcv-Err  UnderSize OutDiscards
Fa1/1               0        309          0        309          0           0
Fa1/2               0          0          0          0          0           0
…
Duplex mismatch is a common cause of forwarding problems. Half-duplex is unusual in modern networks, so duplex
mismatch usually occurs when one port is set to auto and the other to full. Setting everything to auto is Cisco’s recommendation.
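The counter-to-cause list above can be applied mechanically to captured show interface counters errors output. This is an added example, not code from the original reference; the function names are hypothetical, and the second table in the sample is constructed to show that the output arrives as several "Port" tables.

```python
# Added example: likely causes are taken from the counter list in this chapter.
DUPLEX = "duplex mismatch"
LIKELY_CAUSE = {
    "Align-Err": "cabling, NIC, or duplex mismatch",
    "Runts": "cabling, NIC, or duplex mismatch",
    "FCS-Err": "cabling",
    "Xmit-Err": "full transmit buffers (faster link switched to a slower link)",
    "UnderSize": "transmitting NIC",
    "Giants": "transmitting NIC",
    "Single-Col": DUPLEX, "Multi-Col": DUPLEX, "Late-Col": DUPLEX, "Excess-Col": DUPLEX,
}

# Constructed sample: first table copied from the output above, second table invented.
SAMPLE = """\
Newton-Sw01#sh interface counters errors
Port Align-Err FCS-Err Xmit-Err Rcv-Err UnderSize OutDiscards
Fa1/1 0 309 0 309 0 0
Fa1/2 0 0 0 0 0 0

Port Single-Col Multi-Col Late-Col Excess-Col Carri-Sen Runts Giants
Fa1/1 0 0 0 0 0 0 0
Fa1/2 0 0 12 0 0 0 0
"""

def parse_counters(text):
    """Return {port: {counter: value}} merged across every 'Port ...' table."""
    ports, header = {}, None
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "Port":
            header = fields[1:]                 # a new table section starts here
        elif (header and len(fields) == len(header) + 1
              and all(f.isdigit() for f in fields[1:])):
            ports.setdefault(fields[0], {}).update(zip(header, map(int, fields[1:])))
    return ports

def triage_errors(text):
    """Return {port: [(counter, value, likely cause), ...]} for non-zero counters."""
    findings = {}
    for port, counters in parse_counters(text).items():
        hits = [(name, value, LIKELY_CAUSE[name])
                for name, value in counters.items() if value and name in LIKELY_CAUSE]
        if hits:
            findings[port] = hits
    return findings

if __name__ == "__main__":
    for port, hits in triage_errors(SAMPLE).items():
        for name, value, cause in hits:
            print(f"{port}: {name}={value} -> suspect {cause}")
```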
Spanning Tree
Redundancy is a common technique to increase availability in computer networks. Ethernet redundancy would look like
multiple core switches and multiple paths between workgroup switches and the core. Of course, multiple paths mean
loops, and Ethernet lacks a mechanism for dealing with loops.
Spanning Tree is a protocol that detects potential loops and breaks them:
1. Each switch periodically advertises Bridge Protocol Data Units (BPDUs) that announce its name (bridge ID), current
root, and cost to the root. Each switch starts out believing it is the root.
2. If a switch receives a BPDU with a different root, it compares roots. If the received BPDU has a lower root, the
switch changes root and recalculates cost to the root. The port that received the superior BPDU is the root port (the
port that leads to the root). Other ports are designated ports (ports leading away from the root).
NOTE: When speed and duplex are auto, Cisco switches also support auto-MDIX. (The switch will adjust the port to be
straight through or crossover as needed.)
interface f0/0
 mdix auto
Each link has a cost based on its speed, as shown in the following table.
Link Speed              Cost
Ethernet                100
Fast Ethernet           19
Gigabit Ethernet        4
Ten Gigabit Ethernet    2
3. If a switch receives two BPDUs with the same root but different costs, it uses the lower cost port. The port with the
higher cost is blocked (it filters all traffic except BPDUs) to prevent a loop. Blocked ports are also called non-designated.
At the end of the process there will be one root bridge. Each nonroot switch will have one root port.
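The three steps above can be run as a small simulation. This is an added example, not code from the original reference; the topology, switch names and MAC addresses are constructed, and it assumes one link per switch pair, so port-ID tie-breaking is not modeled.

```python
COST = {"10M": 100, "100M": 19, "1G": 4, "10G": 2}    # link costs from the table above

def converge(bridges, links):
    """bridges: {name: (priority, mac)}; links: [(a, b, speed)], one link per switch pair.
    Returns (root, {switch: (root_path_cost, root_port_neighbor)}, {(switch, blocked_toward)})."""
    nbrs = {n: {} for n in bridges}
    for a, b, speed in links:
        nbrs[a][b] = nbrs[b][a] = COST[speed]
    # Step 1: every switch starts out believing it is the root (cost 0, no root port).
    state = {n: (bridges[n], 0, bridges[n], None) for n in bridges}
    changed = True
    while changed:
        changed = False
        for n in bridges:
            best = (bridges[n], 0, bridges[n], None)
            for m, link_cost in nbrs[n].items():
                root, cost, _, _ = state[m]               # BPDU heard from neighbor m
                # Steps 2 and 3: lower root ID wins, then lower cost, then lower sender ID.
                heard = (root, cost + link_cost, bridges[m], m)
                best = min(best, heard, key=lambda t: t[:3])
            if best != state[n]:
                state[n], changed = best, True
    root = min(bridges, key=bridges.get)
    tree = {n: (state[n][1], state[n][3]) for n in bridges}
    blocked = set()
    for a, b, _ in links:
        if tree[a][1] == b or tree[b][1] == a:
            continue                  # root port on one end, designated port on the other
        # Neither end uses this link toward the root: the end nearer the root is
        # designated, the other end is non-designated (blocked).
        loser = max(a, b, key=lambda n: (tree[n][0], bridges[n]))
        blocked.add((loser, b if loser == a else a))
    return root, tree, blocked

# Constructed topology; names and MAC addresses are made up for illustration.
BRIDGES = {"Core1": (8192, "001d.0000.0001"),
           "Core2": (32768, "001d.0000.0002"),
           "Access": (32768, "001d.0000.0003")}
LINKS = [("Core1", "Core2", "1G"), ("Core1", "Access", "100M"), ("Core2", "Access", "1G")]

if __name__ == "__main__":
    print(converge(BRIDGES, LINKS))
```

In this topology the access switch blocks its direct Fast Ethernet link to the root, because the two-hop Gigabit path costs 8 against 19.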
Spanning tree status can be seen using the show spanning-tree [vlan vlan-id] command, as shown here:
Newton-Sw01#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 8192
Address 001d.4664.7d01
Cost 4
Port 641 (GigabitEthernet6/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32768
Address 001d.46c8.ac01
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa1/2               Desg FWD 19        128.2    Edge P2p
Fa1/3               Desg FWD 19        128.3    Edge P2p
Fa1/4               Desg FWD 19        128.4    Edge P2p
Fa1/5               Desg FWD 19        128.5    Edge P2p
Fa1/7               Desg FWD 19        128.7    Edge P2p
Fa1/9               Desg FWD 19        128.9    Edge P2p
Fa1/10              Desg FWD 19        128.10   Edge P2p
Fa1/11              Desg FWD 19        128.11   Edge P2p
Fa1/12              Desg FWD 19        128.12   Edge P2p
…
The details of received BPDUs can be seen using show spanning-tree interface [interface] detail. This command shows
root status, cost, and timers:
Newton-Sw01#show spanning-tree vlan 1 detail
VLAN0001 is executing the rstp compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address 001d.4664.cc01
Configured hello time 2, max age 20, forward delay 15, transmit hold-count 6
Current root has priority 8192, address 001d.4632.6c01
Root port is 641 (GigabitEthernet6/1), cost of root path is 4
Topology change flag not set, detected flag not set
Number of topology changes 119 last change occurred 25w6d ago
from GigabitEthernet6/1
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0, aging 300
Port 2 (FastEthernet1/2) of VLAN0001 is designated forwarding
Port path cost 19, Port priority 128, Port Identifier 128.2.
Designated root has priority 8192, address 001d.4664.ec01
Designated bridge has priority 32768, address 001d.4664.cc01
Designated port id is 128.2, designated path cost 4
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
The port is in the portfast mode
Link type is point-to-point by default
Bpdu guard is enabled
Root guard is enabled on the port
BPDU: sent 9120, received 0
…
Before spanning tree, loops meant that traffic would cycle continuously. Over a short time traffic would accrete in the
loop until it consumed all capacity. This is called a broadcast storm. Broadcast storms are still a real danger, but spanning
tree has mitigated this almost entirely. The danger today is that when a broadcast storm does form, through protocol failure or
administrative misconfiguration, few administrators have seen one before or know how to deal with it.
A broadcast storm can be diagnosed when the switches become saturated with traffic. All the traffic lights will be solid,
the switch will be slow to respond, and users will complain about network speed.
The only fix for a broadcast storm is to break the loop. If the switches are accessible, it might be possible to fix spanning tree.
Otherwise, the administrator must manually remove redundant links.
As previously stated, the purpose of spanning-tree is to select one root path and filter all others. When there are multiple
links between two switches it seems intuitive that, rather than turn one off, the switches should use all the links together.
This is possible using Etherchannel.
Etherchannel logically combines several physical links between switches and spanning tree treats the bundle as a single
port. Up to eight physical lines may be combined in this way.
Etherchannel failures cluster into three groups:
- All ports must be identical (speed, duplex, access or trunk, VLAN). If Etherchannel will not form, look for inconsistencies
between ports.
- Either both switches must be configured, or a link aggregation protocol (LACP or PAgP) must be used. If only one
side is configured for Etherchannel, look for Etherchannel ports that are error-disabled.
- The channel might form, but traffic might still travel predominantly over a single link. There are two reasons. First, traffic is
statistically multiplexed using a three-bit hash. This means that the traffic is split over eight paths, and an Etherchannel
of three links will split the load in a 2:1:1 ratio. Fix this by using 2, 4, or 8 links. Second, the hash uses a user-selectable
Ethernet or IP field. If all traffic comes from a single source and the switch is hashing on source MAC, it
will not multiplex. Fix this by selecting a different hashing method.
VLANs
Virtual LANs are logical broadcast domains, administratively assembled from component ports on the switches in the
network. Switches are interconnected by Ethernet lines that use 802.1q, a shim header inserted in the Ethernet frame.
802.1q adds a two-byte shim, 12 bits of which are used to identify the VLAN and three bits of which are used to specify
Layer-2 class of service. (This is called the 802.1p subfield.)
When troubleshooting VLAN switching issues, concentrate on three types of failure:
- Wiring issues: Cabling issues, power outage, or bad switch ports
- Switch issues: Software bugs, hardware bugs, loops, and ARP issues
- Logic issues: Misconfigured VLANs, VTP, trunks, and native VLAN mismatch
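To make the 802.1q field layout and the native VLAN mismatch item concrete, the following added example (not code from the original reference) decodes a frame and shows which VLAN a trunk port assigns it to. The frames are constructed; on the wire the two-byte field carrying the VLAN ID and class of service follows a two-byte type value of 0x8100.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def parse_frame(frame: bytes) -> dict:
    """Decode the Ethernet header and, if present, the 802.1Q tag."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (etype,) = struct.unpack("!H", frame[12:14])
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"),
            "tagged": False, "vlan": None, "cos": None}
    if etype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, etype = struct.unpack("!HH", frame[14:18])
        # 3 bits class of service (802.1p), 1 bit drop-eligible, 12 bits VLAN ID
        info.update(tagged=True, cos=tci >> 13, vlan=tci & 0x0FFF)
    info["ethertype"] = etype
    return info

def effective_vlan(frame: bytes, native_vlan: int) -> int:
    """VLAN a trunk port assigns the frame to: the tag's VLAN ID, or the port's
    native VLAN when the frame is untagged or carries VLAN ID 0 (priority tag only)."""
    info = parse_frame(frame)
    return info["vlan"] if info["vlan"] else native_vlan

# Constructed frames (addresses and payload are made up).
HDR = bytes.fromhex("ffffffffffff" "001122334455")
TAGGED = HDR + struct.pack("!HHH", TPID_8021Q, (5 << 13) | 20, 0x0800) + b"payload"
UNTAGGED = HDR + struct.pack("!H", 0x0800) + b"payload"

if __name__ == "__main__":
    print(parse_frame(TAGGED))
    # The same untagged frame lands in different VLANs if the two trunk ends disagree.
    print(effective_vlan(UNTAGGED, native_vlan=1), effective_vlan(UNTAGGED, native_vlan=99))
```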
Switches keep several mapping tables. Each of these tables is shown in the following table, along with the IOS command
to examine it.
Table                                              IOS Command
MAC Address Table: Maps MAC addresses to ports     show mac-address
VLAN assignments: Maps VLANs to ports              show vlan
                                                   show interface switchport
VLAN Database: Maps names to VLANs                 show vlan
Trunk assignments                                  show interface switchport
                                                   show interface trunk
                                                   show etherchannel
Troubleshooting switches often involves using these tables to understand the path traffic takes through the switch. Two
commands can help identify the path taken:
- show platform forward: Displays forwarding info from TCAM
- traceroute mac: Shows intermediate MACs from source to destination
Switched Virtual Interfaces and InterVLAN routing
Routing between VLANs can be accomplished on a Layer 3 switch or on a router. Troubleshooting the control plane (the
Layer 3 structures) is identical between the two. This means that OSPF runs identically on the two platforms.
The data plane (the structures and hardware that handle frame forwarding) is different between routers and Layer 3
switches. In both cases, show ip cef shows the CEF forwarding table, and show adjacency shows the Layer 2 headers used
in forwarding.
Catalyst 3560, 3750, and 4500 switches can also use show platform to see detailed forwarding information.
Catalyst 6500 switches display forwarding details using show mls cef commands.
Another difference between routers and Layer 3 switches, in the context of troubleshooting InterVLAN routing, is the
concept of an SVI (Switched Virtual Interface).
Routers forward traffic between ports using Layer 3 information.
Layer 3 switches can have multiple ports in the same VLAN and pass traffic between them using MAC information. Layer 3
switches also support SVIs (these look like interface vlan 1) that act as virtual Layer 3 ports for a VLAN. Finally, a switch
can treat a port as a separate routed port.
From a troubleshooting perspective, routed ports do not run switching protocols like Spanning Tree or Etherchannel.
SVIs, on the other hand, are extremely stable. An SVI changes state to down only when all the VLAN ports are down.
First-Hop Redundancy
Hosts are configured with a default gateway—a router address that will pass traffic off the local subnet. The problem is
that router failures strand the hosts. The solution is first-hop redundancy protocols, which enable two routers to cooperatively
support a single IP, which can then be given to hosts as a default gateway.
There are three first-hop redundancy protocols:
- HSRP is an older Cisco proprietary protocol. One router is the active and one is the standby. The routers pass
keepalives that enable the standby to recognize failure of the primary router.
- VRRP is an open standard but is otherwise similar to HSRP. Because HSRP works, many organizations have continued
to use HSRP.
- GLBP is an open standard, but it enables simultaneous load balancing over as many as four gateways.
Because HSRP is the most common, this section focuses on HSRP. The general configuration and troubleshooting strategy
applies well to VRRP and GLBP, however.
HSRP is configured under the interface using standby commands. Routers in the same HSRP group share a MAC and IP,
so standby is used to identify the group and virtual IP.
By default, each HSRP speaker has a priority of 100. The speaker with the highest priority is the active router. If a new
router starts, however, HSRP does not change the active router until the active router fails. To change this so that
the higher priority is recognized immediately, use the preempt command. An HSRP snippet is shown here to illustrate the
configuration:
interface f0/0
 ip address 10.1.1.2 255.255.255.0
 standby 2 ip 10.1.1.1
 standby 2 priority 120
 standby 2 preempt
Verify the HSRP state of a router using show standby, which summarizes this information to a table (an example is
shown next). To see detailed information on HSRP, such as timers and virtual MAC, use show standby interface:
Maiden-rtr01#show standby
GigabitEthernet0/1 - Group 135
State is Active
23 state changes, last state change 25w6d
Virtual IP address is 135.159.64.1
Active virtual MAC address is 0000.0c07.ac87
Local virtual MAC address is 0000.0c07.ac87 (v1 default)
Hello time 5 sec, hold time 20 sec
Next hello sent in 0.284 secs
Preemption enabled
Active router is local
Standby router is unknown
Priority 150 (configured 150)
Group name is “hsrp-Gi0/1-135” (default)
Richardson-rtr01#show standby interface gi0/1
Global Confg: 0000
Gi0/1 If hw BCM1125 Internal MAC (27), State 0x210040
Gi0/1 If hw Confg: 0000
Gi0/1 If hw Flags: 0000
Gi0/1 If sw Confg: 0000
Gi0/1 If sw Flags: 0000
Gi0/1 Grp 135 Confg: 0072, IP_PRI, PRIORITY, PREEMPT, TIMERS
Gi0/1 Grp 135 Flags: 0000
HSRP virtual IP Hash Table (global)
103 172.25.96.1 Gi0/1 Grp 135
HSRP MAC Address Table
43 Gi0/1 0000.0c07.ac87
Gi0/1 Grp 135
show standby brief is mirrored with show vrrp brief and show glbp brief. Similarly, show standby interface and
debug standby have equivalents for the other first-hop redundancy protocols.