Uploaded by t sanders

Cisco IOS Commands

APPENDIX C
Memory Tables Answer Key
Table 3-2 Cisco IOS Commands for Hardware Troubleshooting
Command Description
show processes cpu Provides 5-second, 1-minute, and 5-minute CPU utilization statistics, in addition to a listing of processes running on a platform along with each process’s utilization statistics
show memory Displays summary information about processor and I/O memory, followed by a more comprehensive report of memory utilization
show interfaces Shows Layer 1 and Layer 2 interface status, interface load information, and error statistics including the following:
- input queue drops: Indicates a router received information faster than the information could be processed by the router
- output queue drops: Indicates a router received information faster than the information could be sent out of the outgoing interface (perhaps because of an input/output speed mismatch)
- input errors: Indicates frames were not received correctly (for example, a cyclic redundancy check (CRC) error occurred), perhaps indicating a cabling problem or a duplex mismatch
- output errors: Indicates frames were not transmitted correctly, perhaps due to a duplex mismatch
(NOTE: Prior to collecting statistics, interface counters can be reset using the clear counters command.)
show controllers Displays statistical information for an interface (for example, error statistics), where the information varies for different interface types (for example, the type of connected cable might be displayed for a serial interface)
show platform Provides detailed information about a router or switch hardware platform
Table 4-2 Cisco Catalyst Switch Troubleshooting Commands
Command Description
clear mac address-table dynamic Clears dynamically learned MAC addresses from a switch’s MAC address table; this can help a troubleshooter determine if a previously learned MAC address is relearned
NOTE: On some versions of Cisco IOS running on Cisco Catalyst switches, the clear mac address-table command contains a hyphen between mac and address (that is, clear mac-address-table).
show mac address-table Displays MAC addresses learned by a switch along with each associated port and VLAN of the MAC address
NOTE: On some versions of Cisco IOS running on Cisco Catalyst switches, the show mac address-table command contains a hyphen between mac and address (that is, show mac-address-table).
show vlan Shows to which VLANs the ports of a switch belong
show interfaces trunk Displays which VLANs are permitted on the trunk ports of a switch and which switch ports are configured as trunks
show interfaces switchport Displays summary information for the ports on a switch, including VLAN and trunk configuration information
traceroute mac source_MAC_address destination_MAC_address Uses Cisco Discovery Protocol (CDP) information to produce a list of switches to be transited for traffic traveling from a specified source MAC address to a specified destination MAC address
Table 5-3 Router Data Plane Verification Commands
Command Description
show ip cef Displays the router’s Layer 3 forwarding information, in addition to multicast, broadcast, and local IP addresses.
show adjacency Verifies that a valid adjacency exists for a connected host.
Table 6-2 Troubleshooting Layer 3 Forwarding Information
Command Description
show ip route ip-address Displays a router’s best route to the specified IP address.
show ip route network subnet-mask Displays a router’s best route to the specified network, if the specific route (with a matching subnet mask length) is found in the router’s IP routing table.
show ip route network subnet-mask longer-prefixes Displays all routes in a router’s IP routing table that are encompassed by the specified network address and subnet mask. (NOTE: This command is often useful when troubleshooting route summarization issues.)
show ip cef ip-address Displays information (for example, next-hop IP address and egress interface) required to forward a packet, similar to the output of the show ip route ip-address command. (NOTE: The output of this command comes from CEF. Therefore, routing protocol information is not presented in the output.)
show ip cef network subnet-mask Displays information from a router’s FIB showing the information needed to route a packet to the specified network with the specified subnet mask.
show ip cef exact-route source-ip-address destination-ip-address Displays the adjacency that will be used to forward a packet from the specified source IP address to the specified destination IP address. (NOTE: This command is useful if the router is load balancing across multiple adjacencies, and you want to see which adjacency will be used for a certain combination of source and destination IP addresses.)
Table 6-3 Troubleshooting Layer 3 to Layer 2 Mapping Information
Command Description
show ip arp Displays a router’s ARP cache, containing IP address to MAC address mappings. (NOTE: By default, a router’s ARP cache stores information for four hours. Therefore, you might need to execute a clear ip arp command to allow a router to relearn information after you make a topology change.)
show frame-relay map Displays Frame Relay DLCIs associated with different next-hop IP addresses.
show adjacency detail Displays the frame headers in a router’s CEF adjacency table used to encapsulate a frame being sent to an adjacency.
Table 6-5 EIGRP Troubleshooting Commands
Command
Routing Component or Data Structure
Description

show ip eigrp interfaces
EIGRP interface table
This command displays all of a router’s interfaces configured to participate in an EIGRP routing process (with the exception of passive interfaces).

show ip eigrp neighbors
EIGRP neighbor table
This command shows a router’s EIGRP neighbors.

show ip eigrp topology
EIGRP topology table
This command displays routes known to a router’s EIGRP routing process. These routes are contained in the EIGRP topology table.

show ip route eigrp
IP routing table
This command shows routes known to a router’s IP routing table that were injected by the router’s EIGRP routing process.

debug ip routing
IP routing table
This command displays updates that occur in a router’s IP routing table. Therefore, this command is not specific to EIGRP.

debug eigrp packets
Exchanging EIGRP information with neighbors
This command can be used to display all EIGRP packets exchanged with a router’s EIGRP neighbors. However, the focus of the command can be narrowed to only display specific EIGRP packet types (for example, EIGRP Hello packets).

debug ip eigrp
Exchanging EIGRP information with neighbors
This command shows information contained in EIGRP packets and reveals how an EIGRP routing process responds to that information.

Table 7-2 OSPF Data Structures
Data Structure Description
OSPF interface table All the router interfaces that have been configured to participate in an OSPF routing process are listed in this table.
OSPF neighbor table OSPF neighbors learned via Hello packets are present in this table. A neighbor is removed from this table if Hellos have not been heard from the neighbor within the dead time interval. Additionally, a neighbor is removed from this table if the interface associated with the neighbor goes down.
OSPF link-state database This data structure contains topology information for all areas in which a router participates, in addition to information about how to route traffic to networks residing in other areas or autonomous systems.
OSPF Routing Information Base The OSPF Routing Information Base (RIB) stores the results of the OSPF shortest path first (SPF) calculations.
Table 7-8 OSPF Troubleshooting Commands
Command
Routing Component or Data Structure
Description

show ip ospf interface [brief]
OSPF interface table
This command displays all of a router’s interfaces configured to participate in an OSPF routing process. The brief option provides a more concise view of OSPF interface information.

show ip ospf neighbor
OSPF neighbor table
This command displays the state of OSPF neighbors learned off a router’s active OSPF interfaces.

show ip ospf database
OSPF link-state database
This command displays the LSA headers contained in a router’s OSPF link-state database.

show ip ospf statistics
OSPF RIB
This command provides information about how frequently a router is executing the SPF algorithm. Additionally, this command shows when the SPF algorithm last ran.

debug ip ospf monitor
OSPF RIB
This command provides real-time updates showing when a router’s SPF algorithm is scheduled to run.

debug ip routing
IP routing table
This command displays updates that occur in a router’s IP routing table. Therefore, this command is not specific to OSPF.

show ip route ospf
IP routing table
This command shows routes known to a router’s IP routing table that were learned via OSPF.

debug ip ospf packet
Exchanging OSPF information with neighbors
This command shows the transmission and reception of OSPF packets in real time. This command is useful for monitoring Hello messages.

debug ip ospf adj
Exchanging OSPF information with neighbors
This command provides real-time updates about the formation of an OSPF adjacency.

debug ip ospf events
Exchanging OSPF information with neighbors
This command shows real-time information about OSPF events, including the transmission and reception of Hello messages and LSAs. This command might be useful on a router that appears to be ignoring Hello messages received from a neighboring router.

show ip ospf virtual-links
OSPF interface table
This command provides information about the status of OSPF virtual links that are required for areas not physically adjacent to the backbone area (that is, area 0).

Table 8-3 BGP Troubleshooting Commands
Command
Routing Component or Data Structure
Description

show ip bgp summary
Neighbor table
This command displays a router’s BGP router ID, AS number, information about the BGP’s memory usage, and summary information about BGP neighbors.

show ip bgp neighbors
Neighbor table
This command displays the detailed information about all the BGP neighbors of a router.

show ip bgp
BGP table
This command displays the network prefixes present in the BGP table.

debug ip routing
IP routing table
This command displays updates that occur in a router’s IP routing table. Therefore, this command is not specific to BGP.

show ip route bgp
IP routing table
This command shows routes known to a router’s IP routing table that were learned via BGP.

debug ip bgp
Exchanging BGP information with neighbors
Although this command does not show the contents of BGP updates, the output does provide real-time information about BGP events, such as the establishment of a peering relationship.

debug ip bgp updates
Exchanging BGP information with neighbors
This command shows real-time information about BGP updates sent and received by a BGP router.

Table 8-5 Commands for Troubleshooting High CPU Utilization
Command Description
show arp Displays the ARP cache for a router. If several entries are in the Incomplete state, you might suspect a malicious scan (for example, a ping sweep) of a subnet.
show interface interface-id Displays a collection of interface statistics. If the throttles, overruns, or ignore counters continually increment, you might suspect that the Net Background process is attempting to allocate buffer space for an interface from the main buffer pool of the router.
show tcp statistics Provides information about the number of TCP segments a router sends and receives, including the number of connections initiated, accepted, established, and closed. A high number of connections can explain why the TCP Timer process might be consuming excessive CPU resources.
show processes cpu Displays average CPU utilization over 5-second, 1-minute, and 5-minute intervals, in addition to listing all the router processes and the percentage of CPU resources consumed by each of those processes.
show processes cpu history Displays a graphical view of CPU utilization over the past 60 seconds, 1 hour, and 3 days. This graphical view can indicate if an observed high CPU utilization is a temporary spike in utilization or if the high CPU utilization is an ongoing condition.
Command Description
show ip interface interface_id Displays multiple interface statistics, including information about the packet switching mode of an interface.
show ip cache Displays the contents of fast cache from a router if fast switching is enabled.
show processes cpu | include IP Input Displays information about the IP input process on a router. The CPU utilization for this process might show a high value if the CPU of a router is actively engaged in process-switching traffic.
show ip cef Displays the contents of a router FIB.
show ip cef adjacency egress-interface-id next-hop-ip-address detail Displays destinations reachable via the combination of the specified egress interface and next-hop IP address.
show adjacency detail Provides information contained in the adjacency table of a router, including protocol and timer information.
show cef not-cef-switched Displays information about packets the router forwards using a packet switching mechanism other than CEF.
Table 9-5 Sampling of Cisco IOS Security Troubleshooting Syntax
Command Description
Router(config-line)# exec-timeout minutes [seconds] Specifies how long the EXEC process running on a line waits for user input before timing out the connection (defaults to 10 minutes)
Router(config)# access-list number {deny | permit} protocol source wildcard-mask destination wildcard-mask [eq port-number] [log] Creates an extended IP access list, where the access list number is in the range 100–199
rommon> confreg 0x2142 Configures a router in ROM Monitor configuration mode to ignore its startup configuration when it boots
rommon> reset Causes a router in ROM Monitor configuration mode to reboot
Router(config)# config-register 0x2102 Configures a router to use its startup configuration the next time the router boots
Router(config)# enable secret password Configures a router’s privileged mode password
Router# show access-lists Displays access lists configured on a router
Router# show logging Displays output collected from logged access list entries
clear ip nat translation * Removes all dynamic entries from a router’s NAT translation table
show ip nat translations Used to see all entries in a router’s NAT translation table
show ip nat statistics Used to display NAT configuration and statistical information on a router, such as inside and outside interfaces, total translations, number of expired translations, inside address ACL, and outside address pool information
debug ip nat Provides real-time information about NAT translations as they occur, including the IP address being translated and the IP identification number that can be used to match packets in the output with packets captured with a protocol analyzer
ip nat pool pool-name start-ip end-ip {netmask subnet-mask | prefix-length prefix-length} Global configuration mode command that defines a pool of inside global addresses into which inside local addresses can be translated
ip nat inside source list access-list pool pool-name [overload] Global configuration mode command that associates an ACL defining an inside local address space with the specified pool of inside global addresses (NOTE: The overload keyword enables PAT, which allows multiple inside addresses to share a common outside address.)
ip nat translation max-entries number Global configuration mode command that specifies the maximum number of entries permitted in a router’s NAT table
ip nat {inside | outside} Interface configuration mode command that identifies an interface as an inside or outside NAT interface
Table 10-6 DHCP Message Types
DHCP Message Description
DHCPDISCOVER A client sends this message in an attempt to locate a DHCP server. This message is sent to a broadcast IP address of 255.255.255.255 using UDP port 67.
DHCPOFFER A DHCP server sends this message in response to a DHCPDISCOVER message using UDP port 68.
DHCPREQUEST This message is a request for IP configuration parameters sent from a client to a specific DHCP server.
DHCPDECLINE This message is sent from a client to a DHCP server to inform the server that an IP address is already in use on the network.
DHCPACK A DHCP server sends this message to a client and includes IP configuration parameters.
DHCPNAK A DHCP server sends this message to a client and informs the client that the DHCP server declines to provide the client with the requested IP configuration information.
DHCPRELEASE A client sends this message to a DHCP server and informs the DHCP server that the client has released its DHCP lease, thus allowing the DHCP server to reassign the client IP address to another client.
DHCPINFORM This message is sent from a client to a DHCP server and requests IP configuration parameters. Such a message might be sent from an access server requesting IP configuration information for a remote client attaching to the access server.
show ip dhcp conflict Identifies any IP address conflicts a router identifies, along with the method the router used to identify the conflicts (that is, via ping or gratuitous ARP)
show ip dhcp binding Displays IP addresses that an IOS DHCP server assigns, their corresponding MAC addresses, and lease expirations
clear ip dhcp binding * Releases all current DHCP leases
clear ip dhcp conflict * Clears all currently identified DHCP conflicts
debug ip dhcp server events Provides real-time information about DHCP address assignments and database updates
debug ip dhcp server packet Displays real-time decodes of DHCP packets
ip helper-address ip-address Interface configuration mode command that causes an interface to forward specific received UDP broadcasts to the destination IP address, which can be either a specific IP address or a directed broadcast address
ip dhcp excluded-address beginning-ip-address [ending-ip-address] Specifies a range of IP addresses not to be assigned to DHCP clients
ip dhcp pool pool-name Creates a DHCP pool
network network-address subnet-mask Identifies a subnet to be used by a DHCP pool
default-router ip-address Specifies the IP address of a default gateway to be given to a DHCP client
dns-server ip-address Configures the IP address of a DNS server to be given to a DHCP client
netbios-name-server ip-address Defines the IP address of a WINS server to be given to a DHCP client
lease {days hours minutes | infinite} Determines the duration of a DHCP lease given to a DHCP client
Table 11-3 MQC Verification Commands
Command Description
show class-map [class-map-name] Used to view what a class map is matching.
show policy-map [policy-map-name] Used to view the policy applied to the classes within a policy map.
show policy-map interface interface-identifier [input | output] Used to view policy map statistics for packets crossing a specific interface.
QoS Metric      Cisco Unified Video Advantage   Cisco TelePresence      Video Surveillance
One-Way Delay   200 ms maximum                  150 ms maximum          500 ms maximum
Jitter          10 ms maximum                   10 ms maximum           10 ms maximum
Packet Loss     0.05 percent maximum            0.05 percent maximum    0.5 percent maximum
Table 12-2 IPv6 Configuration Commands
Command Description
ipv6 cef Global configuration mode command that configures Cisco Express Forwarding for IPv6.
ipv6 unicast-routing Global configuration mode command that instructs a router to forward IPv6 traffic.
ipv6 address ipv6-address/prefix-length [eui-64] Interface configuration mode command that assigns an IPv6 address to an interface. (NOTE: The eui-64 option allows a router to complete the low-order 64 bits of an address, based on an interface’s MAC address.)
Table 12-3 Commands Used to Tunnel IPv6 via IPv4
Command Description
interface tunnel interface-id Global configuration mode command that creates a virtual IPv4 tunnel interface over which encapsulated IPv6 packets can flow.
tunnel source ipv4-address Interface configuration mode command that identifies the IPv4 address of the local end of a tunnel.
tunnel destination ipv4-address Interface configuration mode command that identifies the IPv4 address of the remote end of a tunnel.
tunnel mode ipv6ip Interface configuration mode command that configures an interface to act as a manual IPv6 tunnel.
ipv6 address ipv6-address/prefix-length Interface configuration mode command that specifies the IPv6 address assigned to a tunnel interface.
ipv6 ospf process-id area area-id Interface configuration mode command that allows the IPv6 address configured on a tunnel interface to participate in an OSPFv3 routing process.
Table 12-4 OSPFv3 Configuration Commands
Command Description
ipv6 ospf process-id area area-id Interface configuration mode command that allows the IPv6 address configured on an interface to participate in an OSPFv3 routing process.
ipv6 router ospf process-id Global configuration mode command that enables an OSPFv3 routing process on a router.
router-id ipv4-address Router configuration mode command that specifies an IPv4 address to be used by OSPFv3 as a router’s router ID.
Table 12-5 OSPFv3 Troubleshooting Commands
Command Description
show ipv6 ospf Displays OSPFv3 routing process, router ID, various timers, and information about each area on a router.
show ipv6 ospf interface Shows IPv6 link local address, area ID, process ID, router ID, and cost.
show ipv6 ospf neighbor Lists the state of a router’s adjacency with all configured OSPFv3 neighbors.
debug ipv6 ospf adj Displays information about OSPFv3 adjacencies.
debug ip ipv6 ospf hello Shows OSPFv3 HELLO packet information.
Table 13-3 VLAN and Trunk Troubleshooting Commands for a Cisco Catalyst Switch
Command Description
show vlan Shows to which VLANs the ports of a switch belong
show interfaces trunk Displays which VLANs are permitted on a switch’s trunk ports, and which switch ports are configured as trunks
show interfaces switchport Displays summary information for the ports on a switch, including VLAN and trunk configuration information
Table 13-4 DHCP Troubleshooting Commands
Command Description
show ip dhcp conflict Lists any IP address conflicts identified by a router, along with the method the router used to identify the conflicts (that is, via ping or gratuitous ARP)
show ip dhcp binding Displays IP addresses assigned by an IOS DHCP server, their corresponding MAC addresses, and lease expirations
clear ip dhcp binding * Releases all current DHCP leases
clear ip dhcp conflict * Clears all currently identified DHCP conflicts
debug ip dhcp server events Provides real-time information about DHCP address assignments and database updates
debug ip dhcp server packet Displays real-time decodes of DHCP packets
Chapter 14
Table 14-3 VPN Troubleshooting Commands
Command Description
show crypto ipsec sa Displays IPsec security association settings
show crypto engine connections active Displays configuration information for all active IPsec sessions
show crypto map Displays the crypto map configuration of a router (for example, information about ACLs being referenced by the crypto map, the IP address of the IPsec peer, the security association lifetime, and the name of the crypto map transform set)
show ip route Displays routes injected into a router’s IP routing table, including next-hop IP address or exit interface information for IP routes
show ip protocols Displays information about the active IP routing processes of a router
show interfaces tunnel number Displays status and configuration information for a specified tunnel interface on a router