Professional Documents
Culture Documents
This router’s
interface
E0 not shown
Nice listing.
show cdp neighbors detail
Shows:
Remote IP Address Model Capabilities: Router, switch, etc.
This router’s interface Remote router’s interface Holdtime
IOS version
Testing Process Overview
Layer 7 to Layer 7 Testing
Telnet From Router to Router
RouterA>telnet 10.1.1.1
Trying 10.1.1.1 ... Open
RouterA>telnet 10.1.1.1
Trying 10.1.1.1 ... Open
You must have the vty password set on the remote routers.
We will always use cisco as our vty passwords!
Telnet From Router to Router
RouterA>telnet 10.1.1.1
Trying 10.1.1.1 ... Open
Password:cisco
RouterB>ena Cannot enter privilege mode because there is no privilege
% No password set password (enable secret). Can only enter this mode from
RouterB>exit the console until the password is created.
RouterA>telnet 10.1.1.1
Trying 10.1.1.1 ... Open
Password:cisco
RouterB>ena
Password:class
RouterB#exit
[Connection to 10.1.1.1 closed by foreign host]
RouterA>
Password:cisco
RouterB>
RouterB> <control-shift-6, x>
RouterA>show sessions
Conn Host Address Byte Idle Conn Name
* 1 10.1.1.1 10.1.1.1 0 0 10.1.1.1
RouterA> <enter>
[Resuming connection 1 to 10.1.1.1 ... ]
RouterB>exit
Password:
RouterB>
If you can’t ping, you won’t be able to telnet or traceroute to the router (or
other device).
We will cover ping in much more detail with the presentation: ICMP –
Understanding ping and trace.
Testing with the trace Command
If you can’t ping, you won’t be able to telnet or traceroute to the router (or
other device).
We will cover ping in much more detail with the presentation: ICMP –
Understanding ping and trace.
Note: Trace Route
The trace command is the ideal tool for finding where data is being sent in
your network.
The trace command is similar to the ping command, except that instead of
testing end-to-end connectivity, trace tests each step along the way.
– Along the way there, however the packets may take a different route on
the way back, which is very common with Internet packets.
This operation can be performed at either the user or privileged EXEC
levels.
The trace command takes advantage of the error messages generated by
routers when a packet exceeds its Time To Live (TTL) value.
The trace command sends several packets and displays the round-trip time
for each.
The benefit of the trace command is that it tells which router in the path
was the last one to be reached.
This is called fault isolation.
Key Troubleshooting Command
The router offers some powerful tools at this point in the search.
You can actually look at the routing table - the directions that the router
uses to determine how it will direct traffic across the network.
The routing table focuses on the network layer.
Use the show ip route command to determine whether a routing table
entry exists for the target network and what the next-hop is.
More on routing tables in Ch. 11 Routing and Ch. 12 Routing Protocols.
Testing at Layer 1 and 2
When you test the physical and data link, you ask these questions:
Is there a Carrier Detect signal?
Is the physical link between devices good?
Are the keepalive messages being received?
Can data packets be sent across the physical link?
Key Troubleshooting Command
The line status in this example is triggered by a Carrier Detect signal, and
refers to the physical layer status.
However, the line protocol, triggered by keepalive frames, refers to the
data link framing.
Must be “up” and “up” to be operational.
A point-to-point serial link will not show “up” and “up” unless both sides are
properly configured – I.e. It might not be this end by the other side of the
serial link which is causing the problem.
Interface Statistics
Interface Statistics
RouterA#show inter serial 0
Serial0 is up, line protocol is down
Hardware is HD64570
Internet address is 10.1.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Last input 00:00:08, output 00:00:08, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: weighted fair
<text omitted>
<text omitted>
<text omitted>
<text omitted>
<text omitted>
clear counters
Clearing the Interface Stats
RouterB#show inter serial 0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 10.1.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Last input 00:00:09, output 00:00:09, output hang never
Last clearing of "show interface" counters 00:00:12
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/2/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
2 packets input, 44 bytes, 0 no buffer
Received 2 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
2 packets output, 44 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
RouterB#
RouterB#debug ip rip
RIP protocol debugging is on
<debug output>
RouterB#undebug ip rip Turning off the specific debug.
RIP protocol debugging is off
RouterB#undebug all
OR Turning all debugging off, easier to use.
RouterB#un all
All possible debugging has been turned off
RouterB#
This will send debug and error messages to your telnet session.
This will send these messages to all telnet sessions, anyone who is
logged into the router via telnet.
Also verify that the no logging on command has not been used.
.
Logging <ip address> Command
Logging Messages to a Syslog Server
To log messages to the syslog server host, use the logging router
configuration command.
The full syntax of this command follows:
Router(config)#logging <ip-address>
Router(config)#no logging <ip-address>
.
Syslog software
When debugs are running, you don't usually see the router prompt,
especially when the debug is intensive.
However, in most cases, you can use the no debug all or undebug all
commands to stop the debugs.
You can also use the logging synchronous command to ensure that
the router prompt is returned in the midst of the debug output.
This will make debugs much easier to read and also make it easier for
you to type commands when debugs are in process.
Otherwise, the router prompt and your command input will be mixed in
with the debug output.
Your commands will still work, but it will make it harder to type in as the
individual characters will be interrupted and mixed in with the output.
A sample configuration on the console port is provided:
Router(config)#line con 0
Router(config-line)#logging synchronous
Router(config-line)#
Example:
Router# debug ip packet
IP: s=172.16.13.44 (Fddi0), d=10.125.254.1 (Serial2), g=172.16.16.2, forward
IP: s=172.16.1.57 (Ethernet4), d=10.36.125.2 (Serial2), g=172.16.16.2, forward
RouIP: s=172.16.1.6 (Ethernet4), d=255. ter>255.255.255, rcvd 2
IP: s=172.16.1.55 (Ethernet4), d=172.16.2.42 (Fddi0), g=172.16.13.6, forward
IP: s=172.16.89.33 (Ethernet2), ud=10.130.2.156n (Serial2), g=172.16.16.2, forward
IP: des=172.16.1.27 (Ethernet4), d=172.16.43.126 (Fddi1), g=172.16.23.5, forward
IP: s=172.16.1.27 (Ethernet4), d=172.16.43.126 (Fddi0), g=172.16.13.6, forward
IP: s=172.16.20.32 (Ethernet2), d=255.255.255.255, rcvd 2
IP: s=172.16.1.57 (Ethebugrnet4), d=10.36.125.2 (Serial2), g=172.16.16.2, access
denied
IP: s=172.16.13.44 (Fddi0), d=10.125.254.1 (Serial2), g=172.16.16.2, forward
IallP: s=172.16.1.57 (Ethernet4), d=10.36.125.2 (Serial2), g=172.16.16.2, forward
IP: s=172.16.1.6 (Ethernet4), d=255.255.255.255, rcvd 2
Router#