Troubleshooting Ethernet LANs
by Namrata Vichare
Applying Troubleshooting Methodologies
Problem Isolation and Documentation
Problem Isolation
What do you know about the problem?
Confirm that there is a problem
Determine which devices & cables are problematic
Eventually uncover the root cause of the problem
Documentation
Document findings in a Problem Tracking System
Resolve or Escalate
Resolve
Find Root Cause and try to fix it
Escalate
Technical/Management support
Verify or Monitor
Verify
Verify that it really worked
Mostly with the help of a few commands
Monitor
Keep watching for some time when the cause of the problem is unknown
Exam
Isolate root cause
Fix problem
Answer an MCQ about symptoms & root cause
Sim questions
Broken configuration: fix the problem & answer questions
Simlet questions
CLI
Verify the current operation & answer MCQs
Mostly show commands
Layer 3 Problem Isolation
Topology: PC1--SW1--SW2--R1--R2--SW3--WebServer
Step 1: PC1 to R1 (default gateway), as the web server is in a different subnet
Step 2: R1 to R2 (RT)
Step 3: R2 to web server (RT)
Step 4: Web server to R2 (default gateway)
Step 5: R2 to R1 (RT), dest. addr = PC1
Step 6: R1 to PC1 (RT)
If step 1, 3, 4 or 6 fails, the problem might be related to Layer 2
e.g. step 1 fails
To find the root problem, determine:
MAC of PC1 & R1's LAN interface
SW1 & SW2 interface
Interface status of each switch interface
VLANs that should be used
expected forwarding behavior of a frame from PC1 to R1
Analyzing Switch Interface Status & Statistics
Interface Status codes
two-code status
line status
status refers to whether L1 is working
protocol status
status refers to whether L2 is working
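Line status: administratively down; protocol status: down; interface status: disabled
Typical root cause: the shutdown command is configured on the interface.
Line status: down; protocol status: down; interface status: notconnect
Typical root causes: no cable; bad cable; wrong cable pinouts; installation of electrical equipment; damaged cable; macrobending (a bend that is too tight prevents the cable from transmitting bits); speed mismatch; neighboring device is powered off, shutdown, or error disabled
Line status: down; protocol status: down (err-disabled); interface status: err-disabled
Typical root cause: port security has disabled the interface.
Line status: up; protocol status: up; interface status: connected
Typical root cause: interface is working
Line status: up; protocol status: down; interface status: notconnect
Typical root cause: not expected on LAN switch physical interfaces (SW1-HDLC; SW2-P2P)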
Interface Speed & Duplex Issues
Autonegotiation
Both devices
fastest speed supported by both
full duplex if supported by both devices, else half
Present on only 1 device
Defaults
Speed not known
10 Mbps, half
Speed Known
10/100 Mbps
half
1000 Mbps (1 Gbps)
Always full
Problem
Duplex mismatch
Interface in connected(up/up) state
Poor performance
Solution: check duplex setting on each end
Speed Mismatch
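The autonegotiation rules above, worked through as an added Python example (not part of the original notes): it predicts the speed and duplex each end settles on and flags the resulting mismatch. The dictionary keys, the function names and the can_sense_speed flag (the "speed known" case) are assumptions made for illustration.

```python
def settle(end, peer, can_sense_speed=True):
    """Speed (Mbps) and duplex one end of the link ends up using."""
    if not end["autoneg"]:
        return end["speed"], end["duplex"]          # hard-coded settings
    if peer["autoneg"]:                             # both ends negotiate
        speed = max(set(end["speeds"]) & set(peer["speeds"]))
        duplex = "full" if end["full"] and peer["full"] else "half"
        return speed, duplex
    if not can_sense_speed:                         # defaults, speed not known
        return 10, "half"
    speed = peer["speed"]                           # defaults, speed known
    return speed, "full" if speed == 1000 else "half"

def diagnose(a, b, can_sense_speed=True):
    """Return (settings of a, settings of b, problem or None)."""
    end_a, end_b = settle(a, b, can_sense_speed), settle(b, a, can_sense_speed)
    if end_a[0] != end_b[0]:
        problem = "speed mismatch"
    elif end_a[1] != end_b[1]:
        problem = "duplex mismatch"
    else:
        problem = None
    return end_a, end_b, problem

# Constructed sample ends: one autonegotiating port, one hard-coded port.
AUTO = {"autoneg": True, "speeds": [10, 100, 1000], "full": True}
FIXED_100_FULL = {"autoneg": False, "speed": 100, "duplex": "full"}

if __name__ == "__main__":
    print(diagnose(AUTO, FIXED_100_FULL))
```

Hard-coding 100/full on one end while the other autonegotiates leaves the link at 100 Mbps with half duplex on the negotiating side, which is the duplex mismatch case listed under Problem.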
L1 Problems on working Interfaces(up/up)
Errors detected on the receiving end are not conveyed to the sender
The receiver discards the frame & counts it as an input error
Counters for spotting potential errors
Runts
Frames < 64 B
Possible cause: collisions
Giants
Frames > 1518 B
Input errors
Runts + Giants + No buffer + CRC + Frame + Overrun + Ignored counts
CRC
Received frames not passing FCS
Possible cause: collisions
Frame
Received frames having an illegal format
Possible cause: collisions
If CRC grows, but collisions don't, the problem might be interference on the cable
Packets output
Total # of packets forwarded out the I/F
Output errors
Total # of packets the switch tried to transmit, but for which some problem occurred
Collisions
Counter of all collisions that occur when the I/F is transmitting a frame
Late collisions
Subset of all collisions that happen after the 64th byte of the frame has been transmitted.
In a properly working Ethernet LAN, collisions should occur within the 1st 64 bytes
Late collisions occur due to a duplex mismatch
Collisions occur due to the half-duplex logic of CSMA/CD
CSMA/CD
Send a jam signal
Wait a random time
Try again
Predicting where Switches will Forward Frames
Predicting the Contents of the MAC Address Table
Look at the network topology diagram & figure out the contents of the MAC table of each switch
MAC table: VLAN; Address; I/F
Check the MAC table
dynamic
of switches
Analyzing the Forwarding Path
Process functions on Incoming I/F
I/F is currently up/up (connected)
If configured, apply port security logic to filter
If port=access, find I/F's access VLAN
If port = trunk, find frame's tagged VLAN
Making a Forwarding Decision
Look at MAC tables only for VLANs identified in step 1
Unicast
Found: Forward to I/F in MAC table
Not Found: Flood to all I/Fs except the one that it came from
Broadcast
Flood (same as unicast not found)
Analyzing Port Security Operations on an I/F
Routers & switches can be configured with ACLs (Access Control Lists)
Examine packets/frames being sent/received on an I/F, with router/switch discarding those packets/frames
Basic Features
Limit which MAC addr can send/receive frames on a switch I/F, discarding frames to/from other MAC Addr
Limit # of MAC addr using the I/F, discarding frames to/from MAC addresses learned after max limit is reached
A combination of previous 2 points
Process to find port-security issues
Identify all I/Fs on which port security is enabled
Check for security violations according to the violation mode
shutdown
I/F = err-disabled; port security status = secure down
Recover from an err-disabled state: shut down the I/F with shutdown, then enable it using no shutdown
Port Status = secure-shutdown
Violation Mode = Shutdown
Last Source Address:VLAN
Security Violation Count = 1
restrict
I/F = connected; port security status = secure up
show port-security interface displays an increment in the violations counter
protect
I/F = connected;
show port-security interface displays no increment in the violations counter
Check the configuration & then check the Last Source Address in show port-security interface
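The forwarding steps under "Analyzing the Forwarding Path" and the three port-security violation modes above, combined in one added Python example (not from the original notes). The class names, port names, VLANs and MAC addresses are constructed, and flooding is limited to ports in the frame's VLAN, with trunks assumed to carry every VLAN.

```python
from dataclasses import dataclass, field
BROADCAST = "ffff.ffff.ffff"

@dataclass
class Port:
    name: str
    mode: str = "access"            # "access" or "trunk"
    access_vlan: int = 1
    max_macs: int = 0               # 0 = port security not configured
    violation: str = "shutdown"     # shutdown | restrict | protect
    secure_macs: set = field(default_factory=set)
    violations: int = 0
    err_disabled: bool = False

class Switch:
    def __init__(self, ports):
        self.ports = {p.name: p for p in ports}
        self.mac_table = {}         # (vlan, mac) -> port name, learned dynamically

    def receive(self, in_port, src, dst, tag=None):  # -> ports the frame leaves by
        p = self.ports[in_port]
        if p.err_disabled:          # I/F is not up/up (connected)
            return []
        if p.max_macs and src not in p.secure_macs:
            if len(p.secure_macs) < p.max_macs:
                p.secure_macs.add(src)
            else:                   # limit reached: discard, then apply the mode
                if p.violation != "protect":
                    p.violations += 1
                p.err_disabled = p.violation == "shutdown"
                return []
        vlan = p.access_vlan if p.mode == "access" else tag
        self.mac_table[(vlan, src)] = in_port
        out = self.mac_table.get((vlan, dst))
        if dst != BROADCAST and out:
            return [out]            # known unicast
        return sorted(q.name for q in self.ports.values()
                      if q.name != in_port and not q.err_disabled
                      and (q.mode == "trunk" or q.access_vlan == vlan))

def build_sw1():
    """Constructed sample switch; port names, VLANs and limits are made up."""
    return Switch([Port("Fa0/1", access_vlan=10, max_macs=1, violation="restrict"),
                   Port("Fa0/2", access_vlan=10, max_macs=1),
                   Port("Fa0/3", access_vlan=20),
                   Port("Gi0/1", mode="trunk")])

if __name__ == "__main__":
    print(build_sw1().receive("Fa0/1", "0200.1111.1111", "0200.0101.0101"))
```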
Columns of the interface status table: Line (L1); Protocol (L2); Interface; Typical root cause