Network Bulls
www.networkbulls.com
To effectively troubleshoot Ethernet-based LAN environments, you should be familiar
with the basics of Layer 2 switch operation. Therefore, this section reviews switch fundamentals,
including how a switch’s MAC address table is populated, as well as the characteristics
of VLANs and trunks. After a review of basic switch operation, this section
highlights common issues in a switched environment and how to use Cisco IOS to troubleshoot
such issues.
Reviewing Layer 2 Switching
Unlike Ethernet hubs, which take bits in one port and send those same bits out all other
ports, Ethernet switches learn the devices connected to their ports. Therefore, when an
Ethernet switch sees a frame destined for a particular MAC address, the switch can consult
its MAC address table to determine out of which port to forward the newly arrived
frame. This behavior results in more efficient bandwidth utilization on a LAN and eliminates
the concern of collisions. Specifically, in a hubbed environment, if two endpoints
each transmitted a data frame on the wire at the same time, those two frames would collide,
resulting in both frames being corrupted. This collision would require each endpoint
to retransmit its data frame. Every port on an Ethernet switch, however, is its own collision
domain, whereas all ports on a hub are in a common collision domain.
Ethernet switches can dynamically learn the MAC addresses attached to various switch
ports by looking at the source MAC address on frames coming into a port. For example, if
switch port Gigabit Ethernet 1/1 received a frame with a source MAC address of
DDDD.DDDD.DDDD, the switch could conclude that MAC address
DDDD.DDDD.DDDD resided off of port Gigabit Ethernet 1/1. In the future, if the switch
received a frame destined for a MAC address of DDDD.DDDD.DDDD, the switch would
only send that frame out of port Gigabit Ethernet 1/1.
Initially, however, a switch is unaware of what MAC addresses reside off of which ports
(unless MAC addresses have been statically configured). Therefore, when a switch receives
a frame destined for a MAC address not yet present in the switch’s MAC address table,
the switch floods that frame out of all the switch ports, other than the port on which the
frame was received. Similarly, broadcast frames (that is, frames with a destination MAC
address of FFFF.FFFF.FFFF) are always flooded out all switch ports except the port on
which the frame was received. The reason broadcast frames are always flooded is that no
endpoint will have a MAC address of FFFF.FFFF.FFFF, meaning that the FFFF.FFFF.FFFF
MAC address will never be learned in the MAC address table of a switch.
To illustrate how a switch’s MAC address table becomes populated, consider an endpoint
named PC1 that wants to form a Telnet connection with a server as shown in Figure 4-1.
Also, assume that PC1 and its server reside on the same subnet (that is, no routing is required
to get traffic between PC1 and its server). Before PC1 can send a Telnet segment to
its server, PC1 needs to know the IP address (that is, the Layer 3 address) and the MAC address
(that is, the Layer 2 address) of the server. The IP address of the server is typically
known or is resolved via a Domain Name System (DNS) lookup. In this example, assume
the server’s IP address is known. To properly form a Telnet segment, however, PC1 needs
to know the server’s Layer 2 MAC address. If PC1 does not already have the server’s MAC
address in its ARP cache, PC1 can send an Address Resolution Protocol (ARP) request in
an attempt to learn the server’s MAC address.
Figure 4-1 Endpoint Sending an ARP Request
82 CCNP TSHOOT 642-832 Official Certification Guide
When switch SW1 sees PC1’s ARP request enter port Gigabit 0/1, the PC1 MAC address
of AAAA.AAAA.AAAA is added to the MAC address table of switch SW1. Also, because
the ARP request is a broadcast, its destination MAC address is FFFF.FFFF.FFFF. Because
the MAC address of FFFF.FFFF.FFFF is unknown to switch SW1’s MAC address
table, switch SW1 floods a copy of the incoming frame out all switch ports except the
port on which the frame was received, with one exception. Notice that port Gig 0/1 on
switch SW1 belongs to VLAN 100, whereas port Gig 0/4 belongs to VLAN 200. Because
a broadcast is constrained to a VLAN, this broadcast frame originating in VLAN 100 is
not flooded out Gig 0/4 because Gig 0/4 is a member of a different VLAN. Port Gig 0/2,
however, is a trunk port, and a trunk can carry traffic for multiple VLANs. Therefore, the
ARP request is flooded out of port Gig 0/2, as illustrated in Figure 4-2.
When switch SW2 receives the ARP request over its Gig 0/1 trunk port, the source MAC
address of AAAA.AAAA.AAAA is added to switch SW2’s MAC address table. Also, similar
to the behavior of switch SW1, switch SW2 floods the broadcast frame out of port
Gig 0/3 (a member of VLAN 100) and out of port Gig 0/2 (also a member of VLAN 100),
as depicted in Figure 4-3.
The server receives the ARP request and responds with an ARP reply, as seen in Figure 4-4.
Unlike the ARP request, however, the ARP reply frame is not a broadcast frame. The ARP
reply in this case has a destination MAC address of AAAA.AAAA.AAAA.
Chapter 4: Basic Cisco Catalyst Switch Troubleshooting 83
Figure 4-2 Switch SW1 Flooding the ARP Request
Figure 4-3 Switch SW2 Flooding the ARP Request
Upon receiving the ARP reply from the server, switch SW2 adds the server’s MAC address
of BBBB.BBBB.BBBB to its MAC address table, as shown in Figure 4-5. Also, the ARP reply
is only sent out port Gig 0/1 because switch SW1 knows that the destination MAC address
of AAAA.AAAA.AAAA is available off of port Gig 0/1.
When receiving the ARP reply in its Gig 0/2 port, switch SW1 adds the server’s MAC address
of BBBB.BBBB.BBBB to its MAC address table. Also, like switch SW2, switch SW1
now has an entry in its MAC address table for the frame’s destination MAC address of
AAAA.AAAA.AAAA. Therefore, switch SW1 forwards the ARP reply out port Gig 0/1 to
the endpoint of PC1, as illustrated in Figure 4-6.
Figure 4-4 ARP Reply Sent from the Server
Figure 4-5 Switch SW2 Forwarding the ARP Reply
After receiving the server’s ARP reply, PC1 now knows the MAC address of the server.
Therefore, PC1 can now send a properly constructed Telnet segment destined for the
server, as depicted in Figure 4-7.
Figure 4-6 Switch SW1 Forwarding the ARP Reply
Switch SW1 has the server’s MAC address of BBBB.BBBB.BBBB in its MAC address table.
Therefore, when switch SW1 receives the Telnet segment from PC1, that segment is forwarded
out of the Gig 0/2 port of switch SW1, as seen in Figure 4-8.
Similar to the behavior of switch SW1, switch SW2 forwards the Telnet segment out its
Gig 0/2 port. This forwarding, shown in Figure 4-9, is possible because switch SW2 has an
entry for the segment’s destination MAC address of BBBB.BBBB.BBBB in its MAC address
table.
Figure 4-7 PC1 Sending a Telnet Segment
Figure 4-8 Switch SW1 Forwarding the Telnet Segment
Figure 4-9 Switch SW2 Forwarding the Telnet Segment
Finally, the server responds to PC1, and a bidirectional Telnet session is established between
the PC and the server, as illustrated in Figure 4-10. Because PC1 learned the MAC
address of the server as a result of its earlier ARP request and stored that result in its local
ARP cache, the transmission of subsequent Telnet segments does not require additional
ARP requests. If unused for a period of time, however, entries in a PC’s ARP cache can
time out.
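The ARP and Telnet walkthrough above can be replayed as a small simulation. This is an added example, not code from the book: the port and VLAN layout follows the figure labels, while the attachment points and MAC addresses of PC2 through PC5 are assumptions made for illustration.

```python
BROADCAST = "FFFF.FFFF.FFFF"
TRUNK = "trunk"


class Switch:
    def __init__(self, name, ports):
        self.name = name
        self.ports = ports      # port -> access VLAN id, or TRUNK
        self.mac_table = {}     # (vlan, mac) -> port the MAC was learned on

    def receive(self, in_port, vlan, src, dst):
        """Learn the source MAC on in_port, then return the egress ports."""
        self.mac_table[(vlan, src)] = in_port
        known = self.mac_table.get((vlan, dst))
        if dst != BROADCAST and known is not None:
            # Known unicast: a single port (none if it points back at in_port).
            return [] if known == in_port else [known]
        # Broadcast or unknown unicast: flood inside the VLAN only.
        return [p for p, member in self.ports.items()
                if p != in_port and member in (vlan, TRUNK)]

    def clear_dynamic(self):
        """Stand-in for 'clear mac address-table dynamic'."""
        self.mac_table.clear()


def build_topology():
    switches = {
        "SW1": Switch("SW1", {"Gi0/1": 100, "Gi0/2": TRUNK,
                              "Gi0/3": 100, "Gi0/4": 200}),
        "SW2": Switch("SW2", {"Gi0/1": TRUNK, "Gi0/2": 100,
                              "Gi0/3": 100, "Gi0/4": 200}),
    }
    links = {("SW1", "Gi0/2"): ("SW2", "Gi0/1"),
             ("SW2", "Gi0/1"): ("SW1", "Gi0/2")}
    hosts = {   # name -> (MAC, switch, port)
        "PC1": ("AAAA.AAAA.AAAA", "SW1", "Gi0/1"),
        "Server": ("BBBB.BBBB.BBBB", "SW2", "Gi0/2"),
        "PC2": ("0000.0000.0002", "SW1", "Gi0/3"),   # assumed placement
        "PC3": ("0000.0000.0003", "SW1", "Gi0/4"),   # assumed placement
        "PC4": ("0000.0000.0004", "SW2", "Gi0/3"),   # assumed placement
        "PC5": ("0000.0000.0005", "SW2", "Gi0/4"),   # assumed placement
    }
    return switches, links, hosts


def send(switches, links, hosts, sender, dst_mac):
    """Inject one frame from sender; return (per-switch trace, receiving hosts)."""
    src_mac, sw, port = hosts[sender]
    attached = {(s, p): name for name, (_, s, p) in hosts.items()}
    queue = [(sw, port, switches[sw].ports[port])]   # access port sets the VLAN
    trace, receivers = [], []
    while queue:
        sw, in_port, vlan = queue.pop(0)
        out_ports = switches[sw].receive(in_port, vlan, src_mac, dst_mac)
        trace.append((sw, in_port, out_ports))
        for p in out_ports:
            if (sw, p) in links:                     # trunk to the other switch
                peer, peer_port = links[(sw, p)]
                queue.append((peer, peer_port, vlan))
            elif (sw, p) in attached:
                receivers.append(attached[(sw, p)])
    return trace, receivers


if __name__ == "__main__":
    switches, links, hosts = build_topology()
    steps = [("ARP request", "PC1", BROADCAST),
             ("ARP reply", "Server", "AAAA.AAAA.AAAA"),
             ("Telnet", "PC1", "BBBB.BBBB.BBBB")]
    for label, sender, dst in steps:
        trace, rx = send(switches, links, hosts, sender, dst)
        print(label, trace, "->", rx)
    for sw in switches.values():
        sw.clear_dynamic()
    # With empty tables the same Telnet frame is an unknown unicast again.
    print("Telnet after clear ->",
          send(switches, links, hosts, "PC1", "BBBB.BBBB.BBBB")[1])
```

After the tables are cleared, the Telnet frame reaches every VLAN 100 port on both switches, not only the server, while the VLAN 200 hosts never see it.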
When troubleshooting an issue involving Layer 2 switch communication, a thorough understanding
of the preceding steps can help you identify potential problems. If you were
troubleshooting an issue similar to the previous example, where a PC is attempting to
communicate with a server on a common VLAN, you might consider possibilities such as
the following:
■ Hardware issues: Potential hardware problems include the cabling interconnecting
devices and the devices themselves. For example, one switch port might be faulty.
You could eliminate that possibility by moving a cable to a known good switch port.
■ VLAN configuration: For traffic to move from one VLAN to another, that traffic
must be routed. Therefore, you might want to confirm that the PC and server in such
a scenario are connected to ports in a common VLAN.
■ Trunk configuration: Switches are often interconnected via an Ethernet trunk (for
example, an IEEE 802.1Q trunk). A trunk has the unique capability to carry traffic for
multiple VLANs over a single link. When troubleshooting an issue like the one in the
preceding scenario, you might want to confirm that the trunk is configured identically
on each switch. For example, each switch should be using the same trunking encapsulation
(for example, 802.1Q or ISL). Also, if you are using an 802.1Q trunk, each
switch should have a common native VLAN (that is, the VLAN on an 802.1Q trunk,
which does not add tag bytes to the frames in that VLAN). One other possibility is
that traffic for one or more VLANs has been excluded on a trunk.
Figure 4-10 Bidirectional Telnet Session Between PC1 and the Server
Table 4-2 Cisco Catalyst Switch Troubleshooting Commands
Command | Description
clear mac address-table dynamic | Clears dynamically learned MAC addresses from a switch’s MAC address table; this can help a troubleshooter determine if a previously learned MAC address is relearned. NOTE: On some versions of Cisco IOS running on Cisco Catalyst switches, the clear mac address-table command contains a hyphen between mac and address (that is, clear mac-address-table).
show mac address-table | Displays MAC addresses learned by a switch along with each associated port and VLAN of the MAC address. NOTE: On some versions of Cisco IOS running on Cisco Catalyst switches, the show mac address-table command contains a hyphen between mac and address (that is, show mac-address-table).
show vlan | Shows to which VLANs the ports of a switch belong
show interfaces trunk | Displays which VLANs are permitted on the trunk ports of a switch and which switch ports are configured as trunks
show interfaces switchport | Displays summary information for the ports on a switch, including VLAN and trunk configuration information
Layer 2 Troubleshooting Techniques
After you understand how a frame should flow through a Layer 2 portion of the network
(that is, through Layer 2 switches), you can begin to troubleshoot a communications issue
by following the path of a frame. For example, you can examine the first switch along the
path of a frame. If that switch has not learned the MAC address of the sender, you might
need to check hardware and software (for example, the configuration and cabling of a PC)
upstream from the switch. Perhaps the first-hop switch did learn the MAC address of the
sender, but that MAC address was learned on an inappropriate VLAN. This result could
prompt you to check the VLAN configuration of the switch. Alternatively, the switch
might have learned the sender’s MAC address but not on the port that connects to the
sender. This unusual symptom suggests you have a duplicate MAC address.
As a reference, Table 4-2 provides a collection of Cisco Catalyst switch commands that
can assist you in troubleshooting basic Layer 2 switch-related issues.
Examples 4-1, 4-2, and 4-3 provide sample output from a few of the commands described
in Table 4-2.
Example 4-1 show mac address-table Command Output
Cat3550# show mac address-table
Mac Address Table
---------------------------------------------
Vlan Mac Address Type Ports
---- ------------ ----- -----
...OUTPUT OMITTED...
1 0000.865c.7fc2 DYNAMIC Gi0/7
1 0009.1260.0aee DYNAMIC Gi0/9
1 0009.b7fa.d1e1 DYNAMIC Gi0/9
10 0009.1260.0aee DYNAMIC Gi0/9
261 0004.27d4.0b21 DYNAMIC Gi0/3
261 0008.a3b8.945e DYNAMIC Gi0/1
261 0008.a3b8.95c4 DYNAMIC Gi0/4
261 0008.a3d1.fbaa DYNAMIC Gi0/2
261 0009.1260.0aee DYNAMIC Gi0/9
262 0004.27d4.0b21 DYNAMIC Gi0/3
262 0008.a3b8.945e DYNAMIC Gi0/1
262 0008.a3b8.95c4 DYNAMIC Gi0/4
262 0008.a3d1.fbaa DYNAMIC Gi0/2
262 0009.1260.0aee DYNAMIC Gi0/9
Total Mac Addresses for this criterion: 48
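The three checks described under Layer 2 Troubleshooting Techniques (sender not learned, learned in the wrong VLAN, learned on the wrong port) can be scripted against output in the format of Example 4-1. The following is an added example, not from the book: the rows in SAMPLE are copied from Example 4-1, LATER is a constructed second snapshot, and the function names are hypothetical.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "vlan mac type port")

# One table row: VLAN, dotted MAC, entry type, port. Headers and totals do not match.
ROW = re.compile(
    r"^\s*(\d+)\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+(\S+)\s+(\S+)\s*$", re.I)

# Rows copied from Example 4-1 on this page.
SAMPLE = """\
Cat3550# show mac address-table
Mac Address Table
Vlan Mac Address Type Ports
---- ------------ ----- -----
1 0000.865c.7fc2 DYNAMIC Gi0/7
1 0009.1260.0aee DYNAMIC Gi0/9
261 0004.27d4.0b21 DYNAMIC Gi0/3
261 0008.a3b8.945e DYNAMIC Gi0/1
262 0004.27d4.0b21 DYNAMIC Gi0/3
262 0008.a3b8.945e DYNAMIC Gi0/1
Total Mac Addresses for this criterion: 48
"""

# Constructed second snapshot: one VLAN 261 entry now points at another port.
LATER = SAMPLE.replace("261 0004.27d4.0b21 DYNAMIC Gi0/3",
                       "261 0004.27d4.0b21 DYNAMIC Gi0/9")


def normalize_mac(mac):
    """Accept aa:bb:.., aa-bb-.. or aaaa.bbbb.cccc; return lowercase dotted form."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))


def parse_mac_table(text):
    entries = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            entries.append(Entry(int(m.group(1)), normalize_mac(m.group(2)),
                                 m.group(3).upper(), m.group(4)))
    return entries


def diagnose_sender(entries, mac, expected_vlan, expected_port):
    """Apply the first-hop checks in order; expected_port is the port that
    connects to the sender on the switch whose table was captured."""
    mac = normalize_mac(mac)
    seen = [e for e in entries if e.mac == mac]
    if not seen:
        return ("not-learned",
                "check hardware and configuration upstream from the switch")
    in_vlan = [e for e in seen if e.vlan == expected_vlan]
    if not in_vlan:
        vlans = sorted({e.vlan for e in seen})
        return ("wrong-vlan",
                f"learned only in VLAN(s) {vlans}; check the VLAN configuration")
    if in_vlan[0].port != expected_port:
        return ("wrong-port",
                f"learned on {in_vlan[0].port}, not {expected_port}; "
                "possible duplicate MAC address")
    return ("ok", f"learned on {expected_port} in VLAN {expected_vlan}")


def moved_macs(before, after):
    """MACs whose port changed between two snapshots of the same switch."""
    old = {(e.vlan, e.mac): e.port for e in before}
    return sorted((e.vlan, e.mac, old[(e.vlan, e.mac)], e.port)
                  for e in after
                  if (e.vlan, e.mac) in old and old[(e.vlan, e.mac)] != e.port)


if __name__ == "__main__":
    table = parse_mac_table(SAMPLE)
    print(diagnose_sender(table, "00:04:27:D4:0B:21", 261, "Gi0/1"))
    print(moved_macs(table, parse_mac_table(LATER)))
```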
Example 4-2 show vlan Command Output
Cat3550# show vlan
VLAN Name Status Ports
--------------------------------------------------------------------------------
1 default active Gi0/7, Gi0/8, Gi0/10, Gi0/11
Gi0/12
10 VLAN0010 active
20 SPAN active
261 VLAN0261 active Gi0/1, Gi0/2, Gi0/3, Gi0/4
Gi0/5, Gi0/6
262 VLAN0262 active Gi0/1, Gi0/2, Gi0/3, Gi0/4
...OUTPUT OMITTED...
Table 4-2 Cisco Catalyst Switch Troubleshooting Commands (Continued)
Command | Description
traceroute mac source_MAC_address destination_MAC_address | Uses Cisco Discovery Protocol (CDP) information to produce a list of switches to be transited for traffic traveling from a specified source MAC address to a specified destination MAC address
Example 4-3 show interfaces trunk Command Output
Cat3550# show interfaces trunk
Port Mode Encapsulation Status Native vlan
Gi0/9 desirable n-isl trunking 1
Port Vlans allowed on trunk
Gi0/9 1-4094
Port Vlans allowed and active in management domain
Gi0/9 1,10,20,261-262
Port Vlans in spanning tree forwarding state and not pruned
Gi0/9 1,10,20,261-262
Spanning Tree Protocol Troubleshooting
Administrators of corporate telephone networks often boast about their telephone system
(that is, a PBX system) having the five nines of availability. If a system has five nines of
availability, it is available 99.999 percent of the time, which translates to about five minutes
of downtime per year.
Traditionally, corporate data networks struggled to compete with corporate voice networks
in terms of availability. Today, however, many networks that traditionally carried
only data now carry voice, video, and data. Therefore, availability becomes an even more
important design consideration.
To improve network availability at Layer 2, many networks have redundant links between
Layer 2 switches. However, unlike Layer 3 packets, Layer 2 frames lack a time-to-live
(TTL) field. As a result, a Layer 2 frame can circulate endlessly through a looped Layer 2
topology. Fortunately, IEEE 802.1D STP allows a network to physically have Layer 2 loops
while strategically blocking data from flowing over one or more switch ports to prevent
the looping of traffic.
This section reviews how an STP topology is dynamically formed. Additionally, this section
discusses commands useful in troubleshooting STP issues. Finally, the section concludes
with a discussion of troubleshooting EtherChannel technology, which can bond
multiple physical connections into a single logical connection.
Reviewing STP Operation
STP prevents Layer 2 loops from occurring in a network, because such an occurrence
could result in a broadcast storm or a corruption of a switch’s MAC address table.
Switches in an STP topology are classified as one of the following:
■ Root bridge: The root bridge is a switch elected to act as a reference point for a
spanning tree. The switch with the lowest bridge ID (BID) is elected as the root
bridge. The BID is made up of a priority value and a MAC address.
■ Nonroot bridge: All other switches in the STP topology are considered nonroot
bridges.
Figure 4-11 illustrates the root bridge election in a network. Notice that because both
bridge priorities are 32768, the switch with the lowest MAC address (that is, SW1) is
elected as the root bridge.
Ports that interconnect switches in an STP topology are categorized as one of the port
types described in Table 4-3 and illustrated in Figure 4-12.
Figure 4-11 Root Bridge Election
Table 4-3 STP Port Types
Port Type | Description
Root port | Every nonroot bridge has a single root port, which is the port on that switch that is closest to the root bridge, in terms of cost.
Designated port | Every network segment has a single designated port, which is the port on that segment that is closest to the root bridge, in terms of cost. Therefore, all ports on a root bridge are designated ports.
Nondesignated port | Nondesignated ports block traffic to create a loop-free topology.
Figure 4-12 STP Port Types
Notice the root port for switch SW2 is selected based on the lowest port ID, because the
costs of both links are equal. Specifically, each link has a cost of 19, because both links
are Fast Ethernet links.
Figure 4-13 shows a similar topology to Figure 4-12. In this figure, however, the top link is
running at a speed of 10 Mbps, whereas the bottom link is running at a speed of 100
Mbps. Because switch SW2 seeks to get back to the root bridge (that is, switch SW1) with
the least cost, port Gig 0/2 on switch SW2 is selected as the root port.
Specifically, port Gig 0/1 has a cost of 100, and Gig 0/2 has a cost of 19. Table 4-4 shows
the port costs for various link speeds.
Figure 4-13 STP with Different Port Costs
Table 4-4 Port Costs
Link Speed STP Port Cost
10 Mbps (Ethernet) 100
100 Mbps (Fast Ethernet) 19
1 Gbps (Gigabit Ethernet) 4
10 Gbps (Ten Gig Ethernet) 2
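Root bridge election and port role selection can be worked through for the two-switch topologies of Figures 4-12 and 4-13 using the costs in Table 4-4. This is an added example, not code from the book. It assumes every bridge is reachable and every port has priority 128, and it breaks cost ties by upstream bridge ID and then upstream port ID (the IEEE 802.1D order), where the text above says only "lowest port ID".

```python
import heapq

# Table 4-4: link speed in Mbps -> STP port cost
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}
PORT_PRIORITY = 128          # assumed default, as in "Prio.Nbr 128.9"


def bid(bridges, name):
    """Bridge ID as a comparable tuple: (priority, MAC as integer)."""
    priority, mac = bridges[name]
    return (priority, int(mac.replace(".", ""), 16))


def compute_stp(bridges, links):
    """bridges: name -> (priority, mac)
    links: list of (bridge_a, port_a, bridge_b, port_b, speed_mbps)
    Returns (root bridge, root path cost per bridge, role per (bridge, port))."""
    root = min(bridges, key=lambda n: bid(bridges, n))

    # Adjacency: bridge -> [(local_port, peer, peer_port, link_cost)]
    nbrs = {n: [] for n in bridges}
    for a, ap, b, bp, mbps in links:
        cost = PORT_COST[mbps]
        nbrs[a].append((ap, b, bp, cost))
        nbrs[b].append((bp, a, ap, cost))

    # Lowest cumulative cost from each bridge back to the root.
    path_cost = {root: 0}
    heap = [(0, root)]
    while heap:
        dist, node = heapq.heappop(heap)
        if dist > path_cost[node]:
            continue
        for _, peer, _, cost in nbrs[node]:
            if dist + cost < path_cost.get(peer, float("inf")):
                path_cost[peer] = dist + cost
                heapq.heappush(heap, (dist + cost, peer))

    roles = {}
    # Root port: one per nonroot bridge, the port with the best path to the root.
    for name in bridges:
        if name == root:
            continue
        best = min(nbrs[name], key=lambda l: (
            path_cost[l[1]] + l[3],          # cost to root through this port
            bid(bridges, l[1]),              # then lowest upstream bridge ID
            (PORT_PRIORITY, l[2]),           # then lowest upstream port ID
            (PORT_PRIORITY, l[0])))          # then lowest local port ID
        roles[(name, best[0])] = "root"

    # Designated port: one per segment, on the end closest to the root.
    for a, ap, b, bp, _ in links:
        key_a = (path_cost[a], bid(bridges, a), (PORT_PRIORITY, ap))
        key_b = (path_cost[b], bid(bridges, b), (PORT_PRIORITY, bp))
        winner, other = ((a, ap), (b, bp)) if key_a < key_b else ((b, bp), (a, ap))
        roles[winner] = "designated"
        roles.setdefault(other, "nondesignated")   # blocks unless it is a root port
    return root, path_cost, roles


BRIDGES = {"SW1": (32768, "AAAA.AAAA.AAAA"), "SW2": (32768, "BBBB.BBBB.BBBB")}
# Figure 4-12: two Fast Ethernet links (cost 19 each), ports Gig 0/1 and Gig 0/2
FIG_4_12 = [("SW1", 1, "SW2", 1, 100), ("SW1", 2, "SW2", 2, 100)]
# Figure 4-13: top link at 10 Mbps (cost 100), bottom link at 100 Mbps (cost 19)
FIG_4_13 = [("SW1", 1, "SW2", 1, 10), ("SW1", 2, "SW2", 2, 100)]

if __name__ == "__main__":
    for label, links in (("Figure 4-12", FIG_4_12), ("Figure 4-13", FIG_4_13)):
        root, cost, roles = compute_stp(BRIDGES, links)
        print(label, "root:", root, "cost:", cost)
        for port, role in sorted(roles.items()):
            print("  ", port, role)
```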
Nondesignated ports do not forward traffic during normal operation but do receive bridge
protocol data units (BPDUs). BPDU packets contain information on ports, addresses, priorities,
and costs and ensure that the data ends up where it was intended to go. BPDU
messages are exchanged across bridges to detect loops in a network topology. The loops
are then removed by shutting down selected bridge interfaces and placing redundant
switch ports in a backup, or blocked, state. If a link in the topology goes down, the nondesignated
port detects the link failure and determines whether it needs to transition to
the forwarding state.
If a nondesignated port does need to transition to the forwarding state, it does not do so
immediately. Rather, it transitions through the following states:
1. Blocking: The port remains in the blocking state for 20 seconds by default. During
this time the nondesignated port evaluates BPDUs in an attempt to determine its role
in the spanning tree.
2. Listening: The port moves from the blocking state to the listening state and remains
in this state for 15 seconds by default. During this time, the port sources BPDUs,
which inform adjacent switches of the port’s intent to forward data.
3. Learning: The port moves from the listening state to the learning state and remains in
this state for 15 seconds by default. During this time, the port begins to add entries
to its MAC address table.
4. Forwarding: The port moves from the learning state to the forwarding state and begins
to forward frames.
Collecting Information About an STP Topology
Some Layer 2 topologies dynamically form a spanning tree using default port costs and
bridge priorities. Other Layer 2 topologies have been configured with nondefault port
costs or bridge priorities. For example, a network administrator might want to influence a
particular switch to become a root bridge to ensure optimal pathing through a Layer 2
topology. The administrator can reduce the bridge priority on the switch he wants to become
the root bridge, thus influencing that switch to assume the role of root bridge.
When troubleshooting an STP topology, one of the first tasks is to learn which switch is
acting as the root bridge, in addition to learning the port roles on the various switches in
the topology. Not only is this information important in understanding how frames are currently
flowing through the topology, but comparing the current STP state of a topology to
a baseline state can provide clues as to the underlying cause of an issue.
The show spanning-tree [vlan vlan_id] command can display information about the STP
state of a switch. Consider Example 4-4, which shows the output from the show spanning-tree
vlan 1 command. The VLAN is specified because Cisco Catalyst switches, by default,
use per-VLAN spanning tree (PVST). PVST allows a switch to run a separate STP instance
for each VLAN. The output in Example 4-4 shows that switch SW2 is not the root bridge
for the spanning tree of VLAN1, because the MAC address of the root bridge is different
from the MAC address of switch SW2. The Gig 0/9 port of switch SW2 is the root port of
the switch, whereas port Gig 0/10 is a nondesignated port. (That is, it is a blocking port.)
Note that the port cost of Gig 0/9 is 19, whereas the port cost of Gig 0/10 is 100.
Example 4-4 show spanning-tree vlan Command Output
SW2# show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32768
Address 0009.122e.4181
Cost 19
Port 9 (GigabitEthernet0/9)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000d.28e4.7c80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
-----------------------------------------------------------------------------------
Gi0/9 Root FWD 19 128.9 P2p
Gi0/10 Altn BLK 100 128.10 Shr
The show spanning-tree interface interface_id detail command shows information contained
in BPDUs. Also, as shown in Example 4-5, this command displays the number of
BPDUs sent and received.
Example 4-5 show spanning-tree interface Command Output
SW2# show spanning-tree interface gig 0/9 detail
Port 9 (GigabitEthernet0/9) of VLAN0001 is root forwarding
Port path cost 19, Port priority 128, Port Identifier 128.9.
Designated root has priority 32768, address 0009.122e.4181
Designated bridge has priority 32768, address 0009.122e.4181
Designated port id is 128.303, designated path cost 0
Timers: message age 2, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type is point-to-point by default
BPDU: sent 1, received 1245
STP Troubleshooting Issues
If STP fails to operate correctly, Layer 2 frames can endlessly circulate through a network.
This behavior can lead to a couple of major issues: MAC address table corruption and
broadcast storms.
Corruption of a Switch’s MAC Address Table
The MAC address table of a switch can dynamically learn what MAC addresses are available
off of its ports; however, in the event of an STP failure, the MAC address table of a
switch can become corrupted. To illustrate, consider Figure 4-14. PC1 is transmitting traffic
to PC2. When the frame sent from PC1 is transmitted on segment A, the frame is seen
on the Gig 0/1 ports of switches SW1 and SW2, causing both switches to add an entry to
their MAC address tables associating a MAC address of AAAA.AAAA.AAAA with port
Gig 0/1. Because STP is not functioning, both switches then forward the frame out segment
B. As a result, PC2 receives two copies of the frame. Also, switch SW1 sees the
frame forwarded out the Gig 0/2 port of switch SW2. Because the frame has a source
MAC address of AAAA.AAAA.AAAA, switch SW1 incorrectly updates its MAC address
table indicating that a MAC address of AAAA.AAAA.AAAA resides off port Gig 0/2.
Similarly, switch SW2 sees the frame forwarded onto segment B by switch SW1 on its Gig
0/2 port. Therefore, switch SW2 also incorrectly updates its MAC address table.
Broadcast Storms
As previously mentioned, when a switch receives a broadcast frame (that is, a frame destined
for a MAC address of FFFF.FFFF.FFFF), the switch floods the frame out all switch
ports except the port on which the frame was received. Because a Layer 2 frame does not
have a TTL field, a broadcast frame endlessly circulates through the Layer 2 topology,
consuming resources on both switches and attached devices (for example, user PCs).
Figure 4-14 MAC Address Table Corruption
Figure 4-15 illustrates how a broadcast storm can form in a Layer 2 topology when STP is
not functioning correctly.
1. PC1 sends a broadcast frame onto Segment A, and the frame enters each
switch on port Gig 0/1.
2. Both switches flood a copy of the broadcast frame out of their Gig 0/2 ports (that
is, onto Segment B), causing PC2 to receive two copies of the broadcast frame.
3. Both switches receive a copy of the broadcast frame on their Gig 0/2 ports (that is,
from Segment B) and flood the frame out of their Gig 0/1 ports (that is, onto
Segment A), causing PC1 to receive two copies of the broadcast frame.
This behavior continues, as the broadcast frame copies continue to loop through the
network. The performance of PC1 and PC2 is impacted, because they also continue to
receive copies of the broadcast frame.
Troubleshooting EtherChannel
An exception to STP operation can be made if two switches are interconnected via multiple
physical links and those links are configured as an EtherChannel. An EtherChannel
logically combines the bandwidth of multiple physical interfaces into a logical connection
between switches, as illustrated in Figure 4-16. Specifically, Figure 4-16 shows four Gigabit
Ethernet links logically bonded into a single EtherChannel link.
Figure 4-15 Broadcast Storm
When multiple ports are combined into a logical EtherChannel, STP treats the logical bundle
as a single port for STP calculation purposes. Following are common troubleshooting
targets to consider when troubleshooting an EtherChannel issue:
■ Mismatched port configurations: The configurations of all ports making up an
EtherChannel, on both switches, should be identical. For example, all ports should
have the same speed, duplex, trunk mode, and native VLAN configurations.
■ Mismatched EtherChannel configuration: Both switches forming the EtherChannel
should be configured for the same EtherChannel negotiation protocol. The options
are Link Aggregation Control Protocol (LACP) and Port Aggregation Protocol (PAgP).
■ Inappropriate EtherChannel distribution algorithm: EtherChannel determines
which physical link to use to transmit frames based on a hash calculation. The hashing
approach selected should distribute the load fairly evenly across all physical links.
For example, a hash calculation might be based only on the destination MAC address
of a frame. If the frames are destined for only a few different MAC addresses, the
load distribution could be uneven.
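The effect of the distribution algorithm can be seen with a simplified model of a four-link bundle. This is an added example, not code from the book and not Cisco's exact hash: it assumes the link is chosen from the low-order bits of the selected MAC address (XORed for the source-and-destination case), the method names are labels used only here, and the client MAC addresses are constructed.

```python
def mac_to_int(mac):
    return int(mac.replace(".", "").replace(":", "").replace("-", ""), 16)


def pick_link(src, dst, method, n_links):
    """Return the index of the physical link a frame would use (model only)."""
    if method == "dst-mac":
        key = mac_to_int(dst)
    elif method == "src-mac":
        key = mac_to_int(src)
    elif method == "src-dst-mac":
        key = mac_to_int(src) ^ mac_to_int(dst)
    else:
        raise ValueError(f"unknown method: {method}")
    return key % n_links


def link_load(flows, method, n_links=4):
    """flows: iterable of (src_mac, dst_mac, frame_count); returns frames per link."""
    load = [0] * n_links
    for src, dst, frames in flows:
        load[pick_link(src, dst, method, n_links)] += frames
    return load


def skew(load):
    """1.0 means perfectly even; len(load) means everything is on one link."""
    total = sum(load)
    return max(load) * len(load) / total if total else 0.0


# Constructed traffic: eight clients, 100 frames each, to and from one server.
SERVER = "BBBB.BBBB.BBBB"
CLIENTS = [f"0000.0000.{i:04x}" for i in range(1, 9)]
TO_SERVER = [(c, SERVER, 100) for c in CLIENTS]
FROM_SERVER = [(SERVER, c, 100) for c in CLIENTS]

if __name__ == "__main__":
    for name, flows in (("clients -> server", TO_SERVER),
                        ("server -> clients", FROM_SERVER)):
        for method in ("dst-mac", "src-mac", "src-dst-mac"):
            load = link_load(flows, method)
            print(f"{name:18} {method:12} {load} skew={skew(load):.1f}")
```

With a single destination, hashing on the destination MAC alone puts all 800 frames on one link, while hashing on both addresses spreads them evenly. In the reverse direction the destination-only hash is even and the source-only hash is not, so the choice is evaluated per switch and per traffic direction.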
Trouble Ticket: STP
This trouble ticket is the first of a series of trouble tickets presented throughout the remainder
of the book. All the trouble tickets are based on the same basic network topology,
although addressing and links might vary for some trouble tickets.
All trouble tickets begin with a problem report and a network topology diagram. Some of
the trouble tickets provide you with baseline data, and all the trouble tickets offer output
from appropriate verification commands (for example, show or debug commands) that
you can examine.
After you hypothesize the underlying cause of the network issue and formulate a solution,
you can check the Suggested Solution comments to confirm your hypothesis. Realize,
however, that some trouble tickets might be resolvable by more than one method.
Therefore, your solution might be different from the suggested solution.
Trouble Ticket #1
You receive the following trouble ticket:
Users on network 192.168.1.0/24 are experiencing latency or no connectivity when
attempting to reach network 10.1.2.0/24.
This trouble ticket references the topology shown in Figure 4-17.
Figure 4-16 EtherChannel