Latest News

Home Basic Router Troubleshooting - Module 20

Basic Router Troubleshooting - Module 20





                                                        Module Overview 




  
20.1 Examining the Routing Table   
20.1.1 The show ip route command 
20.1.2 Determining the gateway of last resort 
20.1.3 Determining route source and destination 
20.1.4 Determining L2 and L3 addresses 
20.1.5 Determining the route administrative distance 
20.1.6 Determining the route metric 
20.1.7 Determining the route next hop 
20.1.8 Determining the last routing update 
20.1.9 Observing multiple paths to destination


20.2 Network Testing   
20.2.1 Introduction to network testing 
20.2.2 Using a structured approach to troubleshooting 
20.2.3 Testing by OSI layers 
20.2.4 Layer 1 troubleshooting using indicators 
20.2.5 Layer 3 troubleshooting using ping 
20.2.6 Layer 7 troubleshooting using Telnet 

20.3 Troubleshooting Router Issues Overview   
20.3.1 Troubleshooting Layer 1 using show interfaces 
20.3.2 Troubleshooting Layer 2 using show interfaces 
20.3.3 Troubleshooting using show cdp 
20.3.4 Troubleshooting using traceroute 
20.3.5 Troubleshooting routing issues 
20.3.6 Troubleshooting using show controllers 
20.3.7 Introduction to debug 
  
Module: Summary 

Overview

 
A router uses a dynamic routing protocol to learn about routes to destination networks. Most routers use a combination of dynamic routing and manually configured static routes. Regardless of the method used, when a router determines that a route is the best path to a destination, it installs that route in its routing table. This module will describe methods that are used to examine and interpret the contents of the routing table.

Network testing and troubleshooting are perhaps the most time consuming components of every network administrator’s job. Efficient testing and troubleshooting must be done in a logical, orderly, and well-documented fashion. Otherwise, the same problems will reoccur, and the network administrator will never truly understand the network. This module describes a structured approach to network troubleshooting and provides some tools to use in the troubleshooting process.

Routing problems are among the most common and difficult for network administrators to diagnose. There are many tools that make it easier to identify and solve routing problems. This module will introduce several of the most important of these tools and provide practice in their use.

This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811 exams.  -

Students who complete this module should be able to perform the following tasks:

  • Use the show ip route command to gather detailed information about the routes installed on the router
  • Configure a default route or default network
  • Understand how a router uses both Layer 2 and Layer 3 addressing to move data through the network
  • Use the ping command to perform basic network connectivity tests
  • Use the telnet command to verify the application layer software between source and destination stations
  • Troubleshoot by sequential testing of OSI layers
  • Use the show interfaces command to confirm Layer 1 and Layer 2 problems
  • Use the show ip route and show ip protocol commands to identify routing issues
  • Use the show cdp command to verify Layer 2 connectivity
  • Use the traceroute command to identify the path packets take between networks
  • Use the show controllers serial command to ensure the proper cable is attached
  • Use basicdebugcommands to monitor router activity


  20.1  Examining the Routing Table 
  20.1.1  The show ip route command 

 
This page will explain the functions of the show ip route command.

One of the primary functions of a router is to determine the best path to a given destination. A router learns paths, which are also called routes, from the configurations entered by an administrator or from other routers through routing protocols. Routers store this routing information in routing tables using on-board random access memory (RAM). A routing table contains a list of the best available routes. Routers use the routing table to make packet forwarding decisions.

The show ip route command displays the contents of the IP routing table. This table contains entries for all known networks and subnetworks, as well as a code that indicates how that information was learned. The following are some additional commands that can be used with the show ip route command:

  • show ip route connected
  • show ip routeaddress
  • show ip route rip
  • show ip route igrp
  • show ip route static
A routing table maps network prefixes to an outbound interface.  When RTA receives a packet destined for 192.168.4.46, it looks for the prefix 192.168.4.0/24 in its table. RTA then forwards the packet out interface Ethernet0 based on the routing table entry. If RTA receives a packet destined for 10.3.21.5, it sends that packet out Serial 0.

The example routing table shows four routes for directly connected networks. These routes are labeled with a C. RTA drops any packet destined for a network that is not listed in the routing table. The routing table for RTA will have to include more routes before it can forward to other destinations. There are two ways to add new routes:

  • Static routing - An administrator manually defines routes to one or more destination networks.
  • Dynamic routing - Routers follow rules defined by a routing protocol to exchange routing information and independently select the best path.
Administratively defined routes are said to be static because they do not change until a network administrator manually programs the changes. Routes learned from other routers are dynamic because they change automatically as directly connected routers update each other with new information. Each method has fundamental advantages and disadvantages. 

The Lab Activity will allow students to use the show ip route command to examine routing tables.

The next page will define a gateway of last resort.

  20.1  Examining the Routing Table  
  20.1.2  Determining the gateway of last resort 
  
This page will teach students how to configure a gateway of last resort and why it is used.

It is not feasible, or even desirable, for a router to maintain routes to every possible destination. Instead, routers keep a default route, or a gateway of last resort. Default routes are used when the router is unable to match a destination network with a more specific entry in the routing table. The router uses this default route to reach the gateway of last resort in an effort to forward the packet.

A key scalability feature is that default routes keep routing tables as lean as possible. They make it possible for routers to forward packets destined to any Internet host without having to maintain a table entry for every Internet network. Default routes can be statically entered by an administrator or dynamically learned using a routing protocol.

Default routing begins with the administrator. Before routers can dynamically exchange information, an administrator must configure at least one router with a default route. Depending on the desired results, an administrator can use either of the following commands to statically configure a default route:

ip default-network
or
ip route 0.0.0.0 0.0.0.0
The ip default-network command is used to establish a default route in networks that use dynamic routing protocols.  The ip default-network command is classful, which means if the router has a route to the subnet indicated by this command, it installs the route to the major net. The ip default-network command must be issued using the major net, in order to flag the candidate default route.

The global command ip default-network 192.168.17.0 defines the Class C network 192.168.17.0 as the destination path for packets that have no routing table entries. Any routes to a network configured with ip default-network will be flagged as a candidate for the default route.

The ip route 0.0.0.0/0 command can also be used to configure a default route.

Router(config)#ip route prefix mask {address 1 interface } [distance ]
After configuring a default route or default network, the command show ip route will show the following:

Gateway of last resort is 172.16.1.2 to network 0.0.0.0
The Lab Activity will show students how to configure a gateway of last resort.

The next page explains how path determination occurs.

 
  20.1  Examining the Routing Table 
  20.1.3  Determining route source and destination 
  
This page will explain how a router chooses a path for packet delivery.

For traffic going through a network cloud, path determination occurs at the network layer. The path determination function enables a router to evaluate the available paths to a destination and to establish the preferred handling of a packet. Routing services use network topology information to evaluate network paths. This information can be configured by the network administrator or collected through dynamic processes that are used in the network.

The network layer provides best-effort, end-to-end, packet delivery across interconnected networks. The network layer uses the IP routing table to send packets from the source network to the destination network. After the router determines which path to use, it forwards the packet from one interface to the interface or port that leads to the destination. 

The next page will discuss Layer 2 and Layer 3 addresses.

  20.1  Examining the Routing Table 
  20.1.4  Determining L2 and L3 addresses 
  
This page will explain how Layer 2 and Layer 3 addresses are used to route a packet.

For a packet to get from the source to the destination, both Layer 2 and Layer 3 addresses are used. Figure  explains the process that occurs as a packet moves through a network.

The Layer 3 address is used to route the packet from the source network to the destination network. The source and destination IP addresses remain the same. The MAC address changes at each hop or router. A data link layer address is necessary because delivery within the network is determined by the address in the Layer 2 frame header.

The Interactive Media Activity will help students recognize physical and logical addresses.

The next page will describe the administrative distance of a route.
 
  20.1  Examining the Routing Table 
  20.1.5  Determining the route administrative distance 
  
This page will teach students what the administrative distance of a route is and how it is used.

A router can discover routes through dynamic routing protocols or routes can be configured manually. After the routes are discovered or configured, the router must choose the best routes to other networks.

The router uses the administrative distance of each route to determine the best path to a particular destination. The administrative distance is a number that measures the trustworthiness of the source of the route information. The lower the administrative distance, the more trustworthy the source.

Different routing protocols have different default administrative distances.  The path with the lowest administrative distance is installed in the routing table.

In the Lab Activity, students will analyze two routing protocols.

The next page will discuss route metrics.



  20.1  Examining the Routing Table 
  20.1.6  Determining the route metric 
  
This page will explain what route metrics are and how they are used. Students will also learn how IGRP calculates route metrics.

Routing protocols use metrics to determine the best route to a destination. The metric is a value that measures the desirability of a route. Some routing protocols use only one factor to calculate a metric. For example, RIP v1 uses hop count as the only factor to determine the metric of a route. Other protocols base their metric on hop count, bandwidth, delay, load, reliability, and cost.

Each routing algorithm interprets what is best in its own way. The algorithm generates a number, called the metric value, for each path through the network. A lower metric number generally indicates a better path.

Factors such as bandwidth and delay are static because they remain the same for each interface until the router is reconfigured or the network is redesigned. Factors such as load and reliability are dynamic because they are calculated for each interface in real-time by the router. 

The more factors that make up a metric, the greater the flexibility to tailor network operations to meet specific needs. By default, IGRP uses the static factors bandwidth and delay to calculate a metric value. These two factors can be configured manually to control which routes a router chooses. IGRP may also be configured to include the dynamic factors of load and reliability in the metric calculation. By using dynamic factors, IGRP routers can make decisions based on current conditions. If a link becomes heavily loaded or unreliable, IGRP will increase the metric of routes using that link. An alternate route with a lower metric would be used instead.

IGRP calculates the metric by adding the weighted values of different characteristics of the link to the network in question. Here is the formula for calculating the composite metric for IGRP:

Metric = [K1 * Bandwidth + (K2 * Bandwidth)/(256-load) + K3*Delay] * [K5/(reliability + K4)]

The default constant values are K1 = K3 = 1 and K2 = K4 = K5 = 0.

If K5 = 0, the [K5/(reliability + K4)] term is not used. Given the default values for K1 through K5, the composite metric calculation used by IGRP reduces to Metric = Bandwidth + Delay.

The Interactive Media Activity will help students understand route metrics.

The next page explains how a next hop is chosen.
 
  20.1  Examining the Routing Table 
  20.1.7  Determining the route next hop 
  
This page will explain how a router determines the next hop for a packet.

Routing algorithms fill routing tables with a variety of information. Destination next hop associations determine the best path and which router to forward the packet to next. This router represents the next hop on the way to the final destination.

When a router receives an incoming packet, it checks the destination address and attempts to associate this address with a next hop.

The next page shows students how to find the last routing update.



  20.1  Examining the Routing Table 
  20.1.8  Determining the last routing update 
  
This page lists some commands that are used to find the last routing update:

  • show ip route 
  • show ip route address 
  • show ip protocols 
  • show ip rip database 
The Lab Activity will help students collect information about routing updates.

The next page will discuss multiple paths to the same destination.

  20.1  Examining the Routing Table 
  20.1.9  Observing multiple paths to destination 
 
This page will discuss the support of multiple paths to the same destination by some routing protocols.

Multi-path algorithms permit traffic over multiple lines, provide better throughput, and are more reliable than single path algorithms.

IGRP supports unequal cost path load balancing, which is known as variance. The variance command instructs the router to include routes with a metric less than n times the minimum metric route for that destination, where n is the number specified by the variance command. The variable n can take a value between 1 and 128, with the default being 1, which means equal cost load balancing.

rt1 has two routes to network 192.168.30.0. The variance command will be set on rt1 to ensure that both paths to network 192.168.30.0 are utilized.

Figure  shows the output from show ip route from rt1 before the variance is configured. FastEthernet 0/0 is the only route to 192.168.30.0. This route has an Administrative Distance of 100 and a metric of 8986.

Figure  shows the output from show ip route from rt1 after the variance is configured. The preferred route is interface FastEthernet 0/0, but Serial 0/0 will also be used. After the variance command is executed, IGRP will use load balancing between the two links.

This page concludes this lesson. The next lesson will discuss network testing. The lesson begins with an overview.

  20.2  Network Testing 
  20.2.1  Introduction to network testing 
 
This page will give students an overview of how to test a network.

Basic testing of a network should proceed in sequence from one OSI reference model layer to the next.  Begin with Layer 1 and work up to Layer 7, if necessary. At Layer 1, look for simple problems such as power cords plugged in the wall and other physical connections. The most common problems that occur on IP networks result from errors in the addressing scheme. It is important to test the address configuration before continuing with further configuration steps.

Each test presented in this lesson focuses on network operations at a specific layer of the OSI model. At Layer 3, the commands telnet and ping are used to test the network.

The next page will discuss the troubleshooting process.

  20.2  Network Testing 
  20.2.2  Using a structured approach to troubleshooting 
  
Troubleshooting is a process that allows a user to find problems on a network. This page explains why an orderly process should be used to troubleshoot a network. This process should be based on the networking standards set in place by a network administrator. Documentation is a very important part of the troubleshooting process.

The steps in this model are as follows:

Step 1 Collect all available information and analyze the symptoms of the failure.

Step 2 Localize the problem to a particular network segment, module, unit, or user.

Step 3 Isolate the trouble to specific hardware or software within the unit, module, or user network account.

Step 4 Locate and correct the problem.

Step 5 Verify that the problem has been solved.

Step 6 Document the problem and the solution.

Figure  shows another approach to troubleshooting. These are not the only ways to troubleshoot a network. However, an orderly process is important to keep a network running smoothly and efficiently.

When a structured approach is used, every member of a network support team knows which steps the other team members have completed to troubleshoot the network. If a variety of troubleshooting ideas are tried with no organization or documentation, problem solving is not efficient. Even if a problem is solved in the non-structured environment, it will be difficult to replicate the solution for similar problems.

The Interactive Media Activity will help students become familiar with the troubleshooting process.

The next page will teach students the types of errors that occur at the first three layers of the OSI model.

  20.2  Network Testing 
  20.2.3  Testing by OSI layers 

This page will describe the types of errors that occur at the first three layers of the OSI model.

Layer 1 errors can include the following:

  • Broken cables
  • Disconnected cables
  • Cables connected to the wrong ports
  • Intermittent cable connection
  • Rollover, crossover, or straight-through cables used incorrectly
  • Transceiver problems
  • DCE cable problems
  • DTE cable problems
  • Devices turned off
Layer 2 errors can include the following:

  • Improperly configured serial interfaces
  • Improperly configured Ethernet interfaces
  • Improper encapsulation set
  • Improper clockrate settings on serial interfaces
  • Network interface card (NIC) problems
Layer 3 errors can include the following:

  • Routing protocol not enabled
  • Wrong routing protocol enabled
  • Incorrect IP addresses
  • Incorrect subnet masks
If errors appear on the network, the process of testing through the OSI layers should begin. The ping command is used at Layer 3 to test connectivity. At Layer 7 the telnet command may be used to verify the application layer software between source and destination stations. Both of these commands will be discussed in detail in a later section.

The Interactive Media Activity will help students understand the types of problems that occur at each layer of the OSI model.

The next page will explain how indicator lights can be used to test a network.



  20.2  Network Testing  
  20.2.4  Layer 1 troubleshooting using indicators    
 
The page will explain how to troubleshoot Layer 1 issues with the help of indicator lights. Most interfaces or NICs have indicator lights that show if there is a valid connection. This light is often called the link light. The interface may also have lights to indicate when traffic is transmitted (TX) or received (RX). If the interface has indicator lights that do not show a valid connection, check for faulty or incorrect cabling. If cabling is correct, power off the device and reseat the interface card.

Check to make sure that all cables are connected to the appropriate ports. Make sure that all cross-connects are properly patched to the correct location using the appropriate cable and method. 

Verify that the proper cable is used. A crossover cable may be required for direct connections between two switches or hubs, or between two hosts such as PCs or routers. Verify that the cable from the source interface is properly connected and is in good condition. If there is doubt that the connection is good, reseat the cable and ensure that the connection is secure. Try replacing the cable with a known working cable. If this cable connects to a wall jack, use a cable tester to ensure that the jack is properly wired.

Also check any transceiver in use to ensure that it is the correct type, is properly connected, and is properly configured. If the problem continues after the cable is replaced, replace the transceiver if one is used.

Always check to make sure that the device is powered on. Always check the basics before running diagnostics or attempting complex troubleshooting.

The next page will describe the ping command.
 
  20.2  Network Testing  
  20.2.5  Layer 3 troubleshooting using ping   
 
This page will explain how the ping utility can be used to test network connectivity. Many network protocols support an echo protocol to help diagnose basic network connectivity. Echo protocols are used to determine if protocol packets are routed. The ping command sends a packet to the destination host and then waits for a reply packet from that host. Results from this echo protocol can help evaluate the path-to-host reliability, delays over the path, and whether the host can be reached or is functioning. The ping output displays the minimum, average, and maximum times it takes for a ping packet to find a specified system and return. The ping command uses ICMP to verify the hardware connection and the logical address of the network layer. This is a very basic way to test network connectivity. Figure  shows the ICMP message types. This is a very basic testing mechanism for network connectivity.

In Figure , the ping target 172.16.1.5 responded successfully to all five datagrams sent. Each exclamation point (!) indicates a successful echo. One or more periods (.) indicates that the application on the router timed out before it received a packet echo from the ping target.

The following command activates a diagnostic tool that is used to test connectivity:

Router#ping [protocol] {host | address}
To test network connectivity, the ping command sends ICMP echo requests to a target host and measures how long it takes to reply. The ping command tracks the number of packets sent, the number of replies received, and the percentage of packets lost. It also tracks the amount of time required for packets to reach the destination and for replies to be received. This information can be used to verify communications between hosts and determine if information was lost.

The ping command can be invoked from both user EXEC mode and privileged EXEC mode. The ping command can be used to confirm basic network connectivity on AppleTalk, ISO Connectionless Network Service (CLNS), IP, Novell, Apollo, VINES, DECnet, or XNS networks.

The use of an extended ping command directs the router to perform a more extensive range of test options. To use extended ping, type ping at the command line, and press the Enter key. Prompts will appear each time the Enter key is pressed. These prompts provide many more options than with a standard ping.

Use the ping command when the network functions properly to see how the command works under normal conditions. This can be used as a comparison, or baseline, when troubleshooting.

The Lab Activity will allow students to use the ping command to send an ICMP echo request.

The next page will describe the Telnet application.

  20.2  Network Testing 
  20.2.6  Layer 7 troubleshooting using Telnet 
  
This page will explain how Telnet can be used to troubleshoot the application layer.

The Telnet utility is a virtual terminal protocol that is part of the TCP/IP protocol suite. It allows verification of the application layer software between source and destination stations. This is the most complete test mechanism available. The Telnet utility is normally used to connect remote devices, to gather information, and to run programs.

The Telnet application provides a virtual terminal connection to routers that use TCP/IP. For troubleshooting purposes, it is useful to verify that a connection can be made using Telnet. This proves that at least one TCP/IP application is able to connect end-to-end. A successful Telnet connection indicates that the upper-layer application and the services of lower layers are functioning properly.

If an administrator can Telnet to one router but not to another router, verify lower layer connectivity. If connectivity has been verified, it is likely that the Telnet failure is caused by specific addressing, naming, or access permission problems. These problems can exist on the administrator's router or on the router that failed as a Telnet target.

If the Telnet to a particular server fails from one host, Telnet from a router and other devices. If a login prompt is not achieved during Telnet, check the following:

  • A reverse DNS lookup may not be found on the client address. Many Telnet servers will not allow connections from IP addresses that have no DNS entry. This is a common problem for DHCP-assigned addresses if the administrator has not added DNS entries for the DHCP pools.
  • It is possible that a Telnet application cannot negotiate the appropriate options and will not connect. On a Cisco router, this negotiation process can be viewed with the debug telnet command.
  • It is possible that Telnet is disabled or has been moved to a port other than 23 on the destination server.
The Lab Activity will allow students to troubleshoot a network with Telnet and the ping command. The Interactive Media Activity will help students become more familiar with Telnet.

This page concludes this lesson. The next lesson will teach students how to troubleshoot router issues. The first page will discuss show commands.
 
  20.3  Troubleshooting Router Issues Overview  
  20.3.1  Troubleshooting Layer 1 using show interfaces 

 
 
This page will discuss show commands and explain how they are used to troubleshoot Layer 1 issues.

The Cisco IOS contains many commands for troubleshooting. Among the more widely used are the show commands. Every aspect of the router can be viewed with one or more of the show commands. The show command used to check the status and statistics of the interfaces is the show interfaces command. The show interfaces command without arguments returns status and statistics on all the router ports. The show interfaces <interface name> returns the status and statistics of only the named port. To view the status of Serial 0/0, use show interfaces serial 0/0.

The status of two important portions of the interfaces is shown with the show interfaces command. They are the physical, or hardware portion and logical, or software, portion. These can be related to the Layer 1 and the Layer 2 functions.

The hardware includes cables, connectors, and interfaces showing the condition of the physical connection between the devices. The software status shows the state of messages such as keepalives, control information, and user information that are passed between adjacent devices. This relates to the condition of a Layer 2 protocol passed between two connected router interfaces.

These important elements can be demonstrated by an example of a serial port on a modular router. The show interfaces serial 0/0 command displays the line and data-link protocol status of serial port one.

The first parameter refers to the hardware layer and indicates if the interface receives a Carrier Detect (CD) signal from the other end of the connection. If the line is down, a problem may exist with the cabling, equipment somewhere in the circuit may be powered off or malfunctioning, or one end may be administratively down. If the interface is administratively down it has been manually disabled in the configuration.

The show interfaces serial 0/0 command also provides information to help diagnose other Layer 1 issues that are not as easy to determine. An increasing number of carrier transitions counts on a serial link may indicate one or more of the following problems:

Line interruptions due to problems in the service provider network
Faulty switch, DSU, or router hardware
If an increasing number of input errors appear in the show interfaces serial 0/0 output, there are several possible sources of those errors. Some common Layer 1 problems are as follows:

  • Faulty telephone company equipment
  • Noisy serial line
  • Incorrect cable or cable length
  • Damaged cable or connection
  • Defective CSU or DSU
  • Defective router hardware
Another area to examine is number of interface resets. These are the result of too many missed keepalives. The following Layer 1 problems could be a cause of interface resets:

  • Bad line that causes carrier transitions
  • Possible hardware problem at the CSU, DSU, or switch
If carrier transitions and interface resets are increasing or if input errors are high while this occurs, the problem is likely to be a bad link or defective CSU or DSU.

The number of errors should be interpreted relative to the amount of traffic that the router has processed and the amount of time that the statistics have been captured. The router tracks statistics that provide information about the interface. The statistics reflect router operation since it was started or since the last time the counters were cleared.

If the show interfaces output shows the last clearing of the counters as never, use the show version command to find out how long the router has been functional.

Use the clear counters privileged EXEC command to reset the counters to zero. These counters should always be cleared after an interface problem has been corrected. This reset to zero gives a better picture of the current status of the network and will help verify that an issue has been corrected.

The Lab Activity will help students become more familiar with the show interfaces command.

The next page will explain how the show interfaces command is used to troubleshoot Layer 2 problems.
 
  20.3  Troubleshooting Router Issues Overview  
  20.3.2  Troubleshooting Layer 2 using show interfaces 

 
This page will further explain why the show interfaces command may be the most important tool to discover Layer 1 and Layer 2 problems with the router. The first parameter, which is line, refers to the physical layer. The second parameter, which is protocol, indicates if the IOS processes that control the line protocol consider the interface usable. This is determined by whether keepalives are successfully received. Keepalives are defined as messages sent by one network device to inform another network device that the virtual circuit between the two is still active. If the interface misses three consecutive keepalives, the line protocol is marked as down.

When the line is down, the protocol is always down, because there is no useable media for the Layer 2 protocol. This will be true when the interface is down due to a hardware problem and when it is administratively down.

If the interface is up and the line protocol is down, a Layer 2 problem exists. Possible causes are as follows:

  • No keepalives
  • No clock rate
  • Mismatch in encapsulation type
The show interfaces command should be used after configuring a serial interface to verify the changes and that the interface is operational.

The Interactive Media activity will help students understand the show interfaces command.

The next page will discuss the show cdp command.

  20.3  Troubleshooting Router Issues Overview 
  20.3.3  Troubleshooting using show cdp 

This page will explain the functions of the show cdp command.

CDP advertises device information to its direct neighbors. This includes MAC and IP addresses and outgoing interfaces.

The output from the show cdp neighbors command displays information about directly connected Cisco device neighbors.  This information is useful for debugging connectivity issues. If a cabling problem is suspected, enable the interfaces with the no shutdown command and then execute the show cdp neighbors detail command before any other configuration. The command displays specific device detail such as the active interfaces, the port ID, and the device. The version of Cisco IOS that is running on the remote devices is also shown.

If the physical layer functions properly, then all other directly connected Cisco devices should be displayed. If no known device appears, this usually indicates a Layer 1 problem.

One area of concern with CDP is security. The amount of information CDP provides is so extensive that it can be a potential security hole.  For security reasons CDP should be configured only on links between Cisco devices and disabled on user ports or links that are not locally managed.

In the Lab Activity, students will use the show cdp command to learn about network devices.

The next page will discuss the traceroute command.

  20.3  Troubleshooting Router Issues Overview 
  20.3.4  Troubleshooting using traceroute 
 
This page will describe the functions of the traceroute command.

The traceroute command is often referred to as the trace command in reference materials. However, the correct command syntax is traceroute. The traceroute command displays the routes that packets take to their destinations. The traceroute command can also be used to test each hop at the network layer and provide performance benchmarks.

The output of the traceroute command generates a list of hops that were successfully reached.  If the data successfully reaches the intended destination, then the output indicates every router that the datagram passes through. This output can be captured and used for future troubleshooting of the internetwork.

Traceroute output will also indicate the specific hop at which the failure occurs. A line of output is generated on the terminal for each router in the path. This indicates the IP address of the interface that the data entered. If an asterisk (*) appears, the packet failed. To isolate the problem area, obtain the last good hop from the traceroute output and compare it to a diagram of the internetwork.

The traceroute command also provides information about the performance of links. The round trip time (RTT) is the time required to send a packet and get a response.  This is useful for an approximate idea of the delay on the link. These figures are not precise enough to be used for an accurate performance evaluation. However, this output can be captured and used for future performance troubleshooting of the internetwork.

Notice that the device receiving the traceroute also has to know how to send the reply back to the source of the traceroute. For the traceroute or ping data to make the round trip between routers, there must be known routes in both directions. A failed response is not always an indication of a problem because ICMP messages could be rate-limited or filtered at the host site. This is especially true across the Internet.

Traceroute sends out a sequence of User Datagram Protocol (UDP) datagrams from the router to an invalid port address on the remote host. For the first sequence of three datagrams, a TTL field value is set to 1. The TTL value of 1 causes the datagram to time out at the first router in the path. This router then responds with an ICMP Time Exceeded Message (TEM) indicating that the datagram has expired.

Three more UDP messages are now sent, this time with the TTL value set to 2. This causes the second router to return ICMP TEMs. This process continues until the packets actually reach the other destination or the maximum TTL has been reached. The default maximum TTL for traceroute is 30.

Since these datagrams are trying to access an invalid port at the destination host, ICMP Port Unreachable Messages are returned instead of ICMP TEMs. This indicates an unreachable port and signals the Traceroute program to end the process.

The Lab Activity will help students become more familiar with the traceroute command.

The next page will discuss some other commands that are used to troubleshoot routing issues.

  20.3  Troubleshooting Router Issues Overview 
  20.3.5  Troubleshooting routing issues 
 
This page will describe the show ip protocols and show ip route commands. These commands display information about routing protocols and the routing table. The output from these commands can be used to verify the routing protocol configuration.

The show ip route command may be the most important command used to troubleshoot routing issues. This command displays the contents of the IP routing table. The output from the show ip route command shows the entries for all known networks and subnetworks, and how that information was learned.

If there is a problem reaching a host in a particular network, then the output of the show ip route command can be used to verify that the router has a route to that network.

If the output of the show ip route command does not show the expected learned routes, or any learned routes, then the problem may be that routing information has not been exchanged. In this case, use the show ip protocols command on the router to check for a routing protocol configuration error.

The show ip protocols command displays values about IP routing protocol information on the entire router. This command can be used to confirm which protocols are configured, which networks are being advertised, which interfaces are sending updates, and the sources of routing updates. The show ip protocols output also shows timers, filters, route summarization, route redistribution, and other parameters that are specific to each routing protocol that is enabled on the router. When multiple routing protocols are configured, the information about each protocol is listed in a separate section.

The show ip protocols command output can be used to diagnose many routing issues. For example, it can be used to identify a router that may advertise incorrect routing information. This command may be used to confirm that expected protocols, advertised networks, and routing neighbors are present. It is important to have documentation that indicates the expected results, or baseline information, when a problem occurs. It may be impossible to identify the problem without such documentation.

The Lab Activity will teach students how to use the show ip route and show ip protocols command.

The next page will discuss the show controllers serial command.

  20.3  Troubleshooting Router Issues Overview 
  20.3.6  Troubleshooting using show controllers 
 
This page will teach students about troubleshooting using the show controllers command.

Router configuration and troubleshooting can be performed remotely when physical inspection of the connections is not possible. The show controllers command is useful to determine the type of cable connected without inspecting the cables.

The output displayed by the show controllers command indicates the type of cable detected by the controller. This is useful for finding a serial interface with no cable, the wrong type of cable, or a defective cable.

The show controllers serial 0/0 command queries the integrated circuit, or controller chip, that controls the serial interfaces and displays information about the physical interface serial 0/0. This output varies for different controller chips.

Regardless of the controller chip type, the show controllers command produces a large amount of output. Other than the cable type, most of this output is internal technical detail about the controller chip status. Without specific knowledge of the integrated circuit, this information is of little use.

The Lab Activity will show students how to troubleshoot with the show controllers command.

The Interactive Media Activity will help students link network problems to the corresponding layer of the OSI model.

The next page will introduce the debug command.

  20.3  Troubleshooting Router Issues Overview 
  20.3.7  Introduction to debug 
  
This page will explain the functions of the debug command.

The debug commands assist in the isolation of protocol and configuration problems. The debug command is used to display dynamic data and events. Since the show commands only display static information, they provide a historical picture of the router operation. The debug command output gives more insight into the current events of the router. These events could be traffic on an interface, error messages generated by nodes on the network, protocol-specific diagnostic packets, and other useful troubleshooting data.  The dynamic output of the debug command creates performance issues. This command produces high processor overhead that may disrupt normal router operation. For this reason, debug should be used conservatively. Use debug commands to examine specific types of traffic or problems after likely problems have been narrowed a few causes. The debug command should be used to isolate problems and not to monitor normal network operation.


WARNING:

The debug all command should be used sparingly as this can disrupt router operations.



By default, the router sends the debug output and system messages to the console. If a Telnet session is used to examine the router, then the debug output and system messages can be redirected to the remote terminal. This is done through the Telnet session with the terminal monitor command. Use extra caution when the debug commands are selected from a Telnet session. No command should be selected that will cause the debug output to create additional traffic that creates debug output. If this occurs, the Telnet session will rapidly saturate the link with traffic or the router will exhaust one or more resources. A good rule to follow to prevent this recursion of traffic is to never debug any activity on the port where the session is established.

The output of the different debug commands varies. Some may frequently generate many lines while others produce a line or two of output every few minutes. 

Another IOS software service that will enhance the usefulness of the debug output is the timestamps command. This command will put a timestamp on a debug message. This information provides the time when the debug event occurred and the duration of time between events.

This is often very useful when troubleshooting intermittent problems. By time stamping the output, a pattern of occurrence is often recognized. This helps to isolate the source of the problem. This also prevents the technician from intently watching the debug output for what may seem like hours.

The following command configures a timestamp that will show the hour:minute:second of the output, the amount of time since the router was last powered up, or when a reload command was executed:

GAD(config)#service timestamps debug uptime
The output from this is useful to determine the time between events. To determine how long since the last occurrence of the debug event, the time since the last reload has to be used as a reference. This time can be found with the show version command.

A more practical use of the timestamps is to have it display the time and date that the event occurred. This will simplify the process of determining the last occurrence of the debug event. This is done using the datetime option:

GAD(config)#service timestamps debug datetime localtime
It should be noted that this command is only useful if the clock is set on the router. Otherwise, the timestamp shown in the debug output is not an accurate time. To ensure that the timestamps are correct, the router clock should be set to the correct time from privileged EXEC mode with the following command:

GAD#clock set 15:46:00 3 May 2004

NOTE:
On some Cisco platforms, the router clock is not backed up with a battery source, so the system time will need to be reset after a router reload or power failure.


The no debug all and undebug all commands turn off all diagnostic output. To disable a particular debug command, use the no form of the command. For example, if the debug ip rip command is used to monitor RIP, it can be disabled with no debug ip rip. To view what is currently being examined by a debug command, use show debugging.

The Lab Activity will help students become more familiar with the debug command.

This page concludes this lesson. The next page will summarize the main points from this module.

  Summary
 
This page summarizes the topics discussed in this module.

The show ip route command is used to gather detailed information about the routes installed on the router. It displays the contents of the IP routing table. New routes may be added with static routing, which allows an administrator to manually define routes, or with dynamic routing, which uses the rules defined by a routing protocol to exchange information and determine the best path.

Default routes are used when the router is unable to match a destination network with a more specific entry in the routing table. The router uses this default route to reach the gateway of last resort in an effort to forward the packet.

The path determination function occurs at the network layer of the OSI model. It enables a router to evaluate the available paths to a destination and to establish the preferred handling of a packet. This information is configured manually or collected dynamically. The administrative distance of the route is used by the router to decide what the best path is to a particular destination. The administrative distance is a number that measures the trustworthiness of the source of the route information. Lower administrative distances indicate more trustworthy sources.

To determine the best route to a destination, routing protocols use a value that measures the desirability of a route called a metric. The metric is usually determined by factors such as hop count, bandwidth, delay, load, reliability, and cost. Typically, the smaller the metric number, the better the path.

Troubleshooting should be an orderly process based on the networking standards set in place by an administrator. Documentation is an important part of the troubleshooting process. Indicator lights are a useful tool for troubleshooting at Layer 1. At Layer 3, ping is used to test network connectivity. Telnet connections are used to verify the application layer software between a source and a destination.

The show interfaces command shows the status of two important portions of the interfaces. They are the physical or hardware portion and logical or software portion. These can be related to the Layer 1 and the Layer 2 functions. If the interface is up and the line protocol is down, a Layer 2 problem exists. If the physical layer is properly functioning, then all other directly connected Cisco devices should be displayed. If no known device appears, a Layer 1 problem likely exists.

To debug connectivity issues, the show cdp neighbors command is used to display information about directly connected neighbors. Use the traceroute command to trace the routes that packets take to destinations. This command can be used to test the network layer at each hop and provide performance benchmarks.

To verify the routing protocol configuration, use the show ip protocols and show ip route commands. These commands display information about routing protocols and the routing table. To determine the type of cable connected without inspecting the cables, use the show controllers command.

The debug command is used to display dynamic data and events. Since the show commands only display static information, they provide a historical picture of the router operation. The debug command output gives more insight to the current events of the router.





No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Turn Pc On Designed by Templateism.com Copyright © 2014

Theme images by Bim. Powered by Blogger.