Module 9: Basic Router Troubleshooting Frank Mann CCAI-CCNA 2 9.1 Examining the Routing Table Frank Mann CCAI-CCNA 3 9.1.1 The show ip route Command One of the primary functions of a router is to determine the best path to a given destination. A router learns paths, also called routes, from an administrator's configuration or from other routers by way of routing protocols. Routers store this routing information in routing tables using on-board dynamic random access memory (DRAM). A routing table contains a list of the best available routes. Routers use the routing table to make packet forwarding decisions. Displaying the IP Routing Table 9.1.2 Determining the gateway of last resort It is not feasible, or even desirable, for a router to maintain routes to every possible destination. Instead, routers keep a default route, or a gateway of last resort. Default routes are used when the router is unable to match a destination network with a more specific entry in the routing table. The router uses this default route to reach the gateway of last resort in an effort to forward the packet Default Routes • This route allows the stub network to reach all known networks beyond router A. Default Routes • This route allows the stub network to reach all known networks beyond router A. Ip Route AD = ? Static Routes • The following are advantages of using a static routes •Secure operation •Low processor overhead •Precise control of path selection RIP Overview • Maximum is 6 paths (default = 4) • Hop-count metric selects the path • Routes update every 30 seconds 9.1.3 Determining route source and destination The Switching Process Consider the process of moving a packet that is received on the Ethernet interface and destined for the FDDI interface. This example describes the switching process. First, the frame arrives at the Ethernet interface as a Layer 2 MAC frame. MAC Header The router immediately removes the MAC header and looks into the packet header for the destination network. Lookup A lookup into the particular protocol's routing table indicates that the packet with that destination network address is destined for the FDDI interface. New FDDI MAC The new FDDI MAC frame must now be built for transmitting out of that interface, and the router must determine the necessary destination MAC address to insert into the new FDDI frame. 9.1.4 Determining L2 and L3 addresses 9.1.5 Determining the route administrative distance The administrative distance of the route is the key information that the router uses in deciding which is the best path to a particular destination. The administrative distance is a number that measures the trustworthiness of the source of the route information. The lower the administrative distance, the more trustworthy the source 9.1.6 Determining the route metric Each routing algorithm interprets what is best in its own way. The algorithm generates a number, called the metric value, for each path through the network. Typically, the smaller the metric number, the better the path. 9.1.6 Determining the route metric IGRP calculates the metric by adding the weighted values of different characteristics of the link to the network in question. In the following example the values bandwidth, bandwidth divided by load, and delay, are weighted with the constants K1, K2, and K3. Metric=K1 *Bandwidth + (K2 * Bandwidth)/256-load) + K3 * Delay The default constant values are K1=K3=1 and K2=K4=K5=0 so: Metric=Bandwidth + Delay 9.1.7 Determining the route next hop 9.1.8 Determining the last routing update –show ip protocols Update Timers Networks being Advertised Sources of routing updates 9.1.9 Observing multiple paths to destination Some routing protocols support multiple paths to the same destination. Unlike single path algorithms, these multipath algorithms permit traffic over multiple lines, provide better throughput, and are more reliable 9.2 Network Testing Frank Mann CCAI-CCNA 25 9.2.1 Introduction to network testing Basic testing of a network should proceed in sequence from one OSI reference model layer to the next. It is best to begin with Layer 1 and work to Layer 7 if necessary. Beginning with Layer 1, look for simple problems such as power cords plugged in the wall. The most common problems that occur on IP networks result from errors in the addressing scheme. It is important to test the address configuration before continuing with further configuration steps. 9.2.2 Using a structured approach to troubleshooting Using a structured approach to troubleshooting, every member of a network support team can know what steps each member of the team has completed to solve a problem. if a variety of troubleshooting ideas are tried with no organization or documentation, problem solving is not efficient. 9.2.3 Testing by OSI layers-physical Layer 1 errors can include: • Broken cables • Disconnected cables • Cables connected to the wrong ports • Intermittent cable connection • Wrong cables used for the task at hand (must use rollovers, crossover cables, and straight-through cables correctly) • Transceiver problems • DCE cable problems • DTE cable problems • Devices turned off 9.2.3 Testing by OSI layers-Data Link Layer 2 errors can include: • Improperly configured serial interfaces • Improperly configured Ethernet interfaces • Improper encapsulation set (HDLC is default for serial interfaces) • Improper clockrate settings on serial interfaces • Network interface card (NIC) problems 9.2.3 Testing by OSI layers-Network Layer 3 errors can include: • Routing protocol not enabled • Wrong routing protocol enabled • Incorrect IP addresses • Incorrect subnet masks 9.2.4 Layer 1 troubleshooting using indicators 9.2.5 Layer 3 troubleshooting using ping The ping command can be invoked from both user EXEC mode and privileged EXEC mode. The ping command can be used to confirm basic network connectivity on AppleTalk, ISO Connectionless Network Service (CLNS), IP, Novell, Apollo, VINES, DECnet, or XNS networks. 9.2.6 Layer 7 troubleshooting using Telnet •If the Telnet to a particular server fails from one host, try connecting from a router and several other devices. When trying to Telnet, if a login prompt is not achieved, check the following: •Can a reverse DNS lookup on the client's address be found? Many Telnet servers will not allow connections from IP addresses that have no DNS entry. This is a common problem for DHCP-assigned addresses in which the administrator has not added DNS entries for the DHCP pools. 9.2.6 Layer 7 troubleshooting using Telnet •It is possible that a Telnet application cannot negotiate the appropriate options and therefore will not connect. On a Cisco router, this negotiation process can be viewed using debug telnet. •It is possible that Telnet is disabled or has been moved to a port other than 23 on the destination server. 9.3 Troubleshooting Router Issues Overview Frank Mann CCAI-CCNA 35 9.3.1 Troubleshooting Layer 1 using show interface These important elements of the show interfaces serial command output are displayed as the line and data-link protocol status. The first parameter refers to the hardware layer and essentially reflects whether the interface is receiving the Carrier Detect (CD) signal from the other end of the connection. If the line is down, a problem may exist with the cabling, equipment somewhere in the circuit may be powered off or malfunctioning, or one end may be administratively down. If the interface is administratively down it has been manually disabled in the configuration Layer 1 indicators There could be a problem with faulty telephone equipment. • A faulty switch or CSU/DSU The router hardware could be defective. There could be a problem with the cabling. There could be a problem from the ISP Layer 1 indicators-Counters 9.3.2 Troubleshooting Layer 2 using show interface The show interfaces command is perhaps the single most important tool to discover Layer 1 and Layer 2 problems with the router. • The first parameter (line) refers to the physical layer. • The second parameter (protocol) indicates whether the IOS processes that control the line protocol consider the interface usable. This is determined by whether keepalives are successfully received. 9.3.3 Troubleshooting using show cdp Cisco Discovery Protocol (CDP) advertises device information to its direct neighbors, including MAC and IP addresses and outgoing interfaces. The output from the show cdp neighbors command displays information about directly connected neighbors. If the physical layer is properly functioning, then all other directly connected Cisco devices should be displayed. If no known device appears, a Layer 1 problem likely exists. 9.3.4 Troubleshooting using traceroute The output of the traceroute command generates a list of hops that were successfully reached. If the data successfully reaches the intended destination, then the output indicates every router that the datagram passes through. This output can be captured and used for future troubleshooting of the internetwork 9.3.5 Troubleshooting routing issues 9.3.5 Troubleshooting routing issues 9.3.6 Troubleshooting using show controllers serial 9.3.7 Introduction to debug The debug commands assist in the isolation of protocol and configuration problems. The debug command is used to display dynamic data and events. Since the show commands only display static information, they provide a historical picture of the router operation. Using the debug command output gives more insight to the current events of the router. show and debug Commands show debug Processing characteristic Static Dynamic Processing load Low overhead High overhead Primary use Gather facts Observe processes Considerations When Using debug Commands • May generate output in a variety of formats that may not identify the problem • Require high overhead, possibly disrupting network device operation • Useful for obtaining information about network traffic and router status The Importance of show and debug Commands The show and debug commands are important tools for troubleshooting that are built into Cisco IOS software. The show commands snapshot problems with interfaces, media, or network performance, whereas debug commands check the flow of protocol traffic for problems, protocol bugs, or misconfigurations. Examining show and debug Commands This section describes guidelines for using show and debug commands. The Importance of show and debug Commands The show and debug commands are important tools for troubleshooting that are built into Cisco IOS software. The show commands snapshot problems with interfaces, media, or network performance, whereas debug commands check the flow of protocol traffic for problems, protocol bugs, or misconfigurations. The show Command The show command provides a static collection of information about the status of a router, neighboring routers, and network performance. Use show commands when you are gathering facts for isolating problems in an internetwork, including problems with router interfaces, nodes, media, servers, clients, or applications. The show Command The show command provides a static collection of information about the status of a router, neighboring routers, and network performance. Use show commands when you are gathering facts for isolating problems in an internetwork, including problems with router interfaces, nodes, media, servers, clients, or applications. The debug Command The debug command provides a flow of information about the traffic being seen (or not seen) on an interface, error messages generated by nodes on the network, protocol-specific diagnostic packets, and other useful troubleshooting data. Use debug when you want to see a process operating on the router or network to determine if events or packets are working properly. Guidelines for Optimum Effectiveness Use debug commands to isolate problems, not to monitor normal network operation. Because the high overhead of debug commands can disrupt router operation, you should use debug commands only when you are looking for specific types of traffic or problems and have narrowed your problems to a likely subset of causes. 9.3.7 Introduction to debug 9.3.7 Introduction to debug Considerations for Disabling Debugging Suggestions for disabling debugging are shown here. When to Terminate debug In all cases, when you finish using a debug command, remember to disable it with its specific no debug command or with the no debug all command. No Visible Prompt Sometimes debug can output a considerable volume of data to a terminal. Even if there is no prompt visible on your terminal, you can still type in the command to turn off the debug. In all cases, turn off all debugging with undebug all or no debug all as soon as you are finished troubleshooting. Network Analyzer No single tool works best in all cases. In some cases, attaching a network analyzer to the suspect network is less intrusive and more likely to yield applicable information without exacerbating load problems for a router. Labs Module 9: Basic Router Troubleshooting Lab: 9.1.1 Using Show IP Route to Examine Routing Tables 9.1.2 Gateway of Last Resort 9.1.8 Last Route Update 9.2.6 Troubleshooting Using Ping and Telnet 9.3.4 Troubleshooting using Traceroute 9.3.5 Troubleshooting Routing Issues with show ip route and show ip protocols 9.3.7 Troubleshooting Routing Issues with Debug e-Lab: 9.1.5 Administrative Distance 9.2.5 Layer 3 Troubleshooting Using ping 9.3.1 Troubleshooting Layer 1: Using show interface 9.3.3 Cisco Discovery Protocol 9.3.6 Troubleshooting Using show controllers serial