Don't Panic! The Definitive Guide to Network Troubleshooting (二)

Company News
Don't Panic! The Definitive Guide to Network Troubleshooting (二)

SPOTO put together the complete study guide of IT Certification to help you discover what type of learner you are and how to study smarter with study strategies.

Chapter III

Handling ISDN failures

First, the basic principle of ISDN

Second, common ISDN failure

ISDN problems fall into three categories: improperly configured routers, physical cables, and ISDN protocols, and improperly configured switches.

1, improperly configured router

Improper configuration due to different reasons: typographical error, error message from service provider, incorrect configuration of this router

1) SPID (Service Profile Identifiers): If the SPID and LDN are incorrectly configured, there will be an ISDN connection problem. SPID is only used in North America and is only set when requested by the service provider.

2) CHAP: CHAP authentication is used on interfaces that use PPP encapsulation. The CHAP configuration of the routers at both ends must be the same. In PPP, usernames and passwords are case sensitive.

3) Dialer Map entity: Dialer map associates the high-level address to the relevant phone number. Each protocol requires a dialer map statement.

4) Access List: ACLs can be used for ISDN connections to prevent certain types of traffic from triggering connections.

5) PPP:

2, physical layer connection

1) BRI: Provide digital services on existing telephone lines.

2) ISDN BRI channel: 2B+D (2*64+16+48=192kbps); ISDN BRI physical frame is 48bits, and the link transmits 4000 frames per second.

3) Local loop: The link between the customer and the CO, connecting the ISDN device to the ISDN switch.

4) Physical layer: reference point (R, S, T, U); equipment (LT/ET, NT1, NT2, TE1, TE2, TA)

Third, improperly configured telephone exchanges

When installing ISDN new, you must consider the possibility of service provider ISDN switch configuration error.

1, the second layer of fault handling:

The target of ISDN Layer 2 fault handling: q.921 protocol and PPP.

1) q.921: Layer 2 of ISDN is defined in q.921. Q.921 signaling is transmitted on the D channel using the LAPD protocol.

The most common command for handling q.921 faults is debug isdn q921. The problem is often related to TEI (terminal endpoint identifier), SAPI (service access point identifier), and SABME (set asynchronous balanced mode extended).

TEI=127 indicates broadcast; TEI=64-126 is reserved for dynamic allocation.

SAPI = 0 indicates current Layer 3 signaling; 63 indicates management SAPI for TEI value allocation; 64 is call control.

2) PPP: PPP uses LCP to set up and maintain links; NCP configures and maintains network layer protocols.

2. Layer 3 fault handling:

Layer 3 of ISDN is also called q.931. Use the debug isdn q931 command to view call setup, connect, release, cancel, status, disconnect, and user information.

The ISDN Layer 3 connection is between the local router (TE) and the remote ISDN switch (ET).

The process of establishing an ISDN call:

1) SETUP: Send information between local TE and remote ET

2) CALL_PROC: Call Processing Signaling




3. Switch type:

When configuring ISDN, you must use the isdn switch-type command to specify the switch of the local loop.

Fourth, ISDN troubleshooting command

1. ping: In DDR, the ping command triggers a call. Before the second B channel is up, the router has completed the ping.

2, clear interface bri n: reset the different counters on the interface and abort the connection on the interface.

3, show interface bri n: display information about the ISDN BRI D channel

4, show interface bri n 1 2: Display the B channel information of ISDN BRI.

5, show controller bri: display interface hardware controller information and U interface for Cisco TAC processing failure.

6, show isdn status: display ISDN interface status and detailed information of each layer.

7, show dialer: display information about the DDR connection, including dial-up, successful connection, IDLE time, number of calls.

8, show ppp multilink:

Five, debugging ISDN

1. debug bri: Provides information about the BRI B channel, including bandwidth information.

2. debug isdn q921: Obtain information about the interface D channel, and D information is used to transmit signaling between the switch and the local ISDN device.

3, debug dialer: the reason for the call connection and the status of the connection.

4, debug isdn q931: Monitor events that occur at Layer 3.

Cause ID shows the reason why the call was rejected;

The information sent and returned by the CallRef ID to analyze a specific session of a different call between the router and the switch.

5, debug ppp negotiation: provide real-time information to establish a PPP session, can see CHAP and PAP authentication

6, debug ppp packet: report real-time PPP packet flow, including the type of packet and the B channel used

Chapter 4

Switched Ethernet troubleshooting

First, Switch, Bridge, Hub

Broadcast domain: controlled by Router

Conflict domain: controlled by Switch or Bridge

Switch and Hub comparison:

Type Switch Hub

Unicasts are only sent to the target, sent to all ports

Broadcasts sends all ports in the same VLAN to all ports

Aggregate bandwidth equals the bandwidth of each port × the number of ports equals the media rate

Full/half-duplex full duplex connection only half duplex

Support for mixed media: Token Ring, Ethernet, FDDI... Depending on the switch, it can be transferred between different frame types and physical media. Only the same media is supported.

Mixed media support depends on bridge configuration

Processing frame hardware (ASIC) software or

Number of ports from 4 to over 100, usually less than 16

Frame type conversion relies on bridge configuration

Second, Catalyst troubleshooting tool

1, Catalyst command line interface:

The command line interface has Native mode and Hybrid mode. Native mode configures Layer 3 and Layer 2 together; Mixed mode configures Layers 3 and 2 on different CLIs, often based on the set-based CLI.

2. CLI in mixed mode:

1) show system: high-level summary information about switch, including power status, uptime, and management settings

2) show port: Display information about all ports on a specified port or a module (VLAN, rate, duplex, status, type, ...)

3) show log: report important events, including restart, trap, power failure, ... of all modules.

4) show logging buffer: equivalent to the show log command of the router, according to the logging level, report port up or down, STP, ...

5) show interface: Reports the IP configuration on the management module and the VLAN information on the SC0 interface. (sl0, sc0)

6) show cdp: display adjacent CISCO device information

7) show config: Equivalent to the show running-config command, showing all settings on the switch except for MSFC, etc., showing only non-default settings. Show config all shows all settings.

8) show test: displays only the status of the switch management module, including interface card, power supply, and memory.

9) show mac: displays a large number of counts, including per-port frame traffic, total number of outgoing and incoming frames, discard, ...

10)show vtp domain:

11) show cam: display the MAC address associated with the port

12) Duplicate MAC address

13) show spantree: display the SPT process status of each VLAN

14)show version: display hardware and software version number, including memory, system UP time statistics, etc.

3, RMON (Remote Monitoring)

RMON collects data information from circuits (physical media) based on RMONProbe. Routers and switches do not support RMON information of all levels. More monitoring can be implemented by SPAN (Switched Port Analyzer, also known as Port Mirroring port monitoring).

4, the indicator light:

The management engine contains a load LED that alerts the switch to the current load. During the startup process, the LED will flash; under normal circumstances, the LED is always green; the orange LED indicates a problem; the red LED indicates a fault.

Third, use STP control loop

The STP algorithm is defined in 802.1D to control repeated paths when multiple switches are used to avoid network loops.

When Cisco uses Port fast and Uplink fast, it is necessary to prevent network loops.

Fourth, VLAN

VLAN has port-based static VLAN and MAC-based dynamic VLAN

1. ISL: Cisco proprietary protocol for connecting two devices to support multiple VLANs.

ISL can only be used on products that support ISL:

ISL must be peer-to-peer

ISL is only used for 100Mb full duplex

ISL requires router IOS and memory upgrades;

ISL can support Token Ring;

ISL adds 30Bit to the original frame;

The ISL contains a CRC at the end of the frame.

2. 802.1Q: Used to connect non-Cisco trunks to Cisco devices.

3. VTP: VTP uses multicast to notify all other switches in the VTP domain about the VLANs in the domain.

VTP server:

VTP client

Five, cable problems

Physical layer standard:

Cable 10Mb 100Mb

Category 3 line distance 100m not available

Category 5 distance 100m 100m

Multimode fiber distance 2000m 2000m

Single mode fiber distance up to 100km up to 100km

1, cable problems:

1) Multimeters and Cable Testers

Multimeters and Volt-ohms are used to verify cable connectivity and can only be used to test copper or other electrical signal-based cables and cannot be used to test optical fibers.

Cable Testers can test both cable and fiber optic cable, providing users with more information about the cable being tested, such as: connectivity, open circuit, short circuit, long distance, noise, MAC information, line load,... .

2) Time domain reflectors (TDRs) and optical time domain reflectors (OTDRs)

TDR is a more complicated cable tester, which can be used to locate the abnormality of the electric circuit, such as open circuit, short circuit, curl, etc.

2, cross line

The crossover cable is used to directly connect two hosts and connect two network devices.

Ethernet uses 1, 2, 3, 6 four cores (white orange, orange, white green, green), while the T1 circuit uses four cores 1, 2, 3, and 5 of RJ-45.

Sixth, switch connection troubleshooting

Common faults that occur on switches have rate and duplex settings

1. SPAN (Switched Port Analyzer): Also called Port Mirroring switch copies all packets sent to the workstation interface to another interface that is not assigned a VLAN.

Set span enable ; configure SPAN

Use SPAN to monitor both received, sent, or all packets.

2. Multilayer Switching Feature Card (MSFC) and Catalyst Routing:

The MSFC is a Cisco router on the daughter board that is installed on the management module to provide inter-VLAN routing.

Access MSFC: session under the CLI

3. VLAN between router and switch:

The router provides communication between VLANs.

1) Broadcast management:

The router does not forward the broadcast, and the switch controls the broadcast to only forward to the port that is the member of the VLAN of the source port.

2) Policy control: the switch has no policy, and the router provides security and policy control for connecting VLANs.

3) VLAN switching: forwarding a packet to a different interface of the same VLAN through the router

4) VLAN transmission: Two VLANs or VLAN protocols using different VLAN protocols are transmitted to the non-VLAN Layer 2 protocol.

5) Routing: communication between different VLANs or non-VLAN networks

6) VLAN troubleshooting on the router:

Show vlans

Show arp

Show interface

Show cdp neighbor

Debug vlan packet

Debug spantree

7) show vlans: Execute on the router, showing the details of the router VLAN configuration, including: VLAN name, interface, IP address, VLAN encapsulation protocol, interface protocol.

8) debug vlan packet: The VLAN that determines the data sent to the router on the trunk.

3, VLAN design and troubleshooting

Note on VLAN design:

1) The network diameter should be less than 8 switches;

2) The VLAN must be numbered within a certain limit;

Seven, mixed / local mode command conversion

Mixed mode native mode explanation

Clear vlan No vlan removes the VLAN from the configuration

Set cam agingtime Mac-address-table aging-time Set the timeout value of the reserved MAC address.

Set port dulex Duplex configures duplex on a specific port

Set port name Description Set the port name

Set port speed speed Set the port speed

Se tspan Monitor session setting SPAN port

Set spantree Spanning-tree Set STP information

Set vlan Switchport access vlan Assign a port to a given VLAN

Show cam dynamic Show mac-address-table dynamic Display MAC to port relationship

Show port Show interface Display port information

Show span Show monitor Show SPAN port

Show test Show diagnostic shows startup test results

Show version Show version Display switch IOS version information

Show vlan Show vlan Display VLAN information

Show vtp domain Show vtp status Display VTP information

Chapter 5

Separate and correct physical layer and data link layer failures

1, identify the symptoms of the physical layer problem

Physical layer components include: interfaces/ports, modules, cables, repeaters, network cards, converters, and more.

Physical layer problems will result in complete or intermittent loss of data on the link, application failure, and low data transfer rate.

The port of the device and the LEDs of the specific components are stable during normal operation, and the LED status will be turned off, blinking or other colors when the fault occurs.

2, identify the symptoms of the data link layer problem

Data link layer issues include: abnormal frame types (inconsistent encapsulation), duplicate MAC addresses, swapping, etc. Layer device misbehavior.

Layer 2 and Layer 3 test tools (CDP, PING) can help verify and verify data link layer issues.

3. Commands and applications for separating physical layer and data link layer issues:

1) ES command:

Ping host|ip-address ;

Arp a ;

Netstat rn;

Ipconfig /all ;

Tracert ;

Winipcfg ;

Ifconfig a ;

Traceroute ;

2) Cisco IOS commands

Ping ;

Traceroute ;

Debug ;

Show version ;

Show ip interface brief ;

Show interface e 1 ;

Show cdp neighbor detail ;

Show controllers ;

Debug ppp|isdn|serial|asynch|frame-relay

Show arp ;

Debug arp|lapb|stun ;

4. Correct commands and applications that occur at the physical layer and data link layer

Arp d ;

Interface ;

No shutdown ;

Encapsulation ;

Clock rate ;

Controller ;

Duplex full|half|auto

Speed 10|100|auto

1) Command to correct T1|E1 problem

Channel-group channel-no timeslots timeslot-list speed 56|64

Clock source line|internal

Framing sf|esf;framing crc4|no-crc4

Linecode ami|b8zs;linecode ami|hdb3

Pri-group timeslote range

Chapter 6

Separate and correct network layer problems

1, the symptoms of the network layer problem

2. ES command to separate network layer problems

1) General order:


Arp a



Route print

Ipconfig /all




Ifconfig a


Route n

3. Cisco IOS commands to isolate network layer problems

1) General:




Show running-config

2) ARP

Show ip arp

Debug arp

3) Routing table

Show ip route

Debug ip routing

4) IP interface

Show ip interface brief

5) BGP

Show ip bgp

Show ip bgp summary

Show ip bgp neighbors

Debug ip bgp

6) IP traffic

Show ip traffic

Debug ip icmp

Debug ip packet

7) IP access list

Show ip access-list

Cisco Pass Report View More >

CCIE Security Written
Jul 18, 2019
CCIE Security Written
CCIE RS Written
Jul 18, 2019
CCIE RS Written
CCIE RS Written
Jul 18, 2019
CCIE RS Written
CCIE Security Written
Jul 18, 2019
CCIE Security Written
Jul 18, 2019
CCIE Data Center Written
Jul 17, 2019
CCIE Data Center Written
CCIE Security Lab
Jul 17, 2019
CCIE Security Lab
Jul 17, 2019
CCIE RS Written
Jul 17, 2019
CCIE RS Written
CCIE RS Written
Jul 17, 2019
CCIE RS Written