Senior Acquisitions Editor: Kenyon Brown Development Editor: Kim Wimpsett



Todd Lammle CCNA Routing and Switching


0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 58822 multicast, 0 pause input
0 input packets with dribble condition detected
2392529 packets output, 337933522 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out

Finding where to start when troubleshooting an interface can be the difficult part, but certainly we’ll look for the number of input errors and CRCs right away. Typically we’d see those statistics increase with a duplex error, but it could be another Physical layer issue, such as a cable receiving excessive interference or a failing network interface card. Typically you can tell it is interference when the CRC and input errors counters grow but the collision counters do not.

Let’s take a look at some of the output:



No buffer: This isn’t a number you want to see incrementing. This means you don’t have any buffer room left for incoming packets. Any packets received once the buffers are full are discarded. You can see how many packets are dropped with the ignored output.

Ignored: If the packet buffers are full, packets will be dropped. You see this increment along with the no buffer output. Typically if the no buffer and ignored outputs are incrementing, you have some sort of broadcast storm on your LAN. This can be caused by a bad NIC or even a bad network design.

I’ll repeat this because it is so important for the exam objectives: Typically if the no buffer and ignored outputs are incrementing, you have some sort of broadcast storm on your LAN. This can be caused by a bad NIC or even a bad network design.

Runts: Frames that did not meet the minimum frame size requirement of 64 bytes. Typically caused by collisions.

Giants: Frames received that are larger than 1518 bytes.

Input Errors: This is the total of many counters: runts, giants, no buffer, CRC, frame, overrun, and ignored counts.

CRC: At the end of each frame is a Frame Check Sequence (FCS) field that holds the answer to a cyclic redundancy check (CRC). If the receiving host’s answer to the CRC does not match the sending host’s answer, then a CRC error will occur.

Frame: This output increments when frames received are of an illegal format, or not complete, which is typically incremented when a collision occurs.

Packets Output: Total number of packets (frames) forwarded out to the interface.

Output Errors: Total number of packets (frames) that the switch port tried to transmit but for which some problem occurred.

Collisions: When transmitting a frame in half-duplex, the NIC listens on the receiving pair of the cable for another signal. If a signal is transmitted from another host, a collision has occurred. This output should not increment if you are running full-duplex.

Late Collisions: If all Ethernet specifications are followed during the cable install, all collisions should occur by the 64th byte of the frame. If a collision occurs after 64 bytes, the late collisions counter increments. This counter will increment on a duplex mismatched interface, or if cable length exceeds specifications.

A duplex mismatch causes late collision errors at the end of the connection. To avoid this situation, manually set the duplex parameters of the switch to match the attached device.

A duplex mismatch is a situation in which the switch operates at full-duplex and the connected device operates at half-duplex, or vice versa. The result of a duplex mismatch is extremely slow performance, intermittent connectivity, and loss of connection. Other possible causes of data-link errors at full-duplex are bad cables, a faulty switch port, or NIC software or hardware issues. Use the show interface command to verify the duplex settings.

If the mismatch occurs between two Cisco devices with Cisco Discovery Protocol enabled, you will see Cisco Discovery Protocol error messages on the console or in the logging buffer of both devices.

%CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/2 (not half duplex)

Cisco Discovery Protocol is useful for detecting errors and for gathering port and system statistics on nearby Cisco devices. CDP is covered in Chapter 7.
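The counter rules of thumb above can be applied mechanically to two snapshots of the same interface taken some time apart. The following is an added example, not code from the book: the function names, the finding labels and the sample counter values are constructed for illustration.

```python
import re

# Counter names as they appear in `show interface` output.
NAMES = ["no buffer", "ignored", "input errors", "CRC", "runts", "giants",
         "late collision", "collisions"]
COUNTER_RE = re.compile(r"(\d+) (" + "|".join(NAMES) + r")\b")

# Constructed sample in the layout of the output above (not a device capture).
TEMPLATE = """\
  1325 packets input, 157823 bytes, {no_buffer} no buffer
  Received 1157 broadcasts, 0 runts, 0 giants, 0 throttles
  {input_errors} input errors, {crc} CRC, 0 frame, 0 overrun, {ignored} ignored
  0 output errors, {collisions} collisions, 1 interface resets
  0 babbles, {late} late collision, 0 deferred
"""


def sample(**counts):
    """Build a constructed snapshot; counters not named stay at zero."""
    base = dict(no_buffer=0, input_errors=0, crc=0, ignored=0,
                collisions=0, late=0)
    base.update(counts)
    return TEMPLATE.format(**base)


def parse_counters(text):
    """Return {counter name: value} for the counters listed in NAMES."""
    return {name: int(value) for value, name in COUNTER_RE.findall(text)}


def triage(before, after, full_duplex=True):
    """Compare two snapshots and apply the rules of thumb from the text."""
    old, new = parse_counters(before), parse_counters(after)
    d = {n: new.get(n, 0) - old.get(n, 0) for n in NAMES}
    findings = []
    if d["no buffer"] > 0 and d["ignored"] > 0:
        findings.append("broadcast-storm")            # bad NIC or bad design
    if d["late collision"] > 0:
        findings.append("duplex-mismatch-or-cable-length")
    if full_duplex and d["collisions"] > 0:
        findings.append("collisions-on-full-duplex")  # should never increment
    if d["CRC"] > 0 and d["input errors"] > 0:
        collided = d["collisions"] > 0 or d["late collision"] > 0
        findings.append("duplex-error" if collided else "interference-or-nic")
    return findings


if __name__ == "__main__":
    print(triage(sample(), sample(crc=212, input_errors=212)))
    print(triage(sample(), sample(crc=40, input_errors=40, late=17)))
    print(triage(sample(), sample(no_buffer=930, ignored=930, input_errors=930)))
```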



Verifying with the show ip interface Command

The show ip interface command will provide you with information regarding the layer 3 configurations of a router’s interface, such as the IP address and subnet mask, MTU, and if an access list is set on the interface:

Router#sh ip interface
FastEthernet0/0 is up, line protocol is up
  Internet address is 1.1.1.1/24
  Broadcast address is 255.255.255.255
  Address determined by setup command
  MTU is 1500 bytes
  Helper address is not set
  Directed broadcast forwarding is disabled
  Outgoing access list is not set
  Inbound access list is not set
  Proxy ARP is enabled
  Security level is default
  Split horizon is enabled
[output cut]

The status of the interface, the IP address and mask, information on whether an access list is set on the interface, and basic IP information are all included in this output.

Using the show ip interface brief Command

The show ip interface brief command is probably one of the best commands that you can ever use on a Cisco router or switch. This command provides a quick overview of the device’s interfaces, including the logical address and status:

Router#sh ip int brief
Interface        IP-Address  OK? Method Status                Protocol
FastEthernet0/0  unassigned  YES unset  up                    up
FastEthernet0/1  unassigned  YES unset  up                    up
Serial0/0/0      unassigned  YES unset  up                    down
Serial0/0/1      unassigned  YES unset  administratively down down
Serial0/1/0      unassigned  YES unset  administratively down down
Serial0/2/0      unassigned  YES unset  administratively down down

Remember, administratively down means that you need to type no shutdown in order to enable the interface. Notice that Serial0/0/0 is up/down, which means that the Physical layer is good and carrier detect is sensed but no keepalives are being received from the remote end. In a nonproduction network, like the one I am working with, this tells us the clock rate hasn’t been set.



Verifying with the show protocols Command

The show protocols command is also a really helpful command that you’d use in order to quickly see the status of layers 1 and 2 of each interface as well as the IP addresses used.

Here’s a look at one of my production routers:

Router#sh protocols
Global values:
  Internet Protocol routing is enabled
Ethernet0/0 is administratively down, line protocol is down
Serial0/0 is up, line protocol is up
  Internet address is 100.30.31.5/24
Serial0/1 is administratively down, line protocol is down
Serial0/2 is up, line protocol is up
  Internet address is 100.50.31.2/24
Loopback0 is up, line protocol is up
  Internet address is 100.20.31.1/24

The show ip interface brief and show protocols commands provide the layer 1 and layer 2 statistics of an interface as well as the IP addresses. The next command, show controllers, only provides layer 1 information. Let’s take a look.

Using the show controllers Command

The show controllers command displays information about the physical interface itself. It’ll also give you the type of serial cable plugged into a serial port. Usually, this will only be a DTE cable that plugs into a type of data service unit (DSU).

Router#sh controllers serial 0/0
HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0, V.35 DTE cable

Router#sh controllers serial 0/1
HD unit 1, idb = 0x12C174, driver structure at 0x131600
buffer size 1524 HD unit 1, V.35 DCE cable

Notice that serial 0/0 has a DTE cable, whereas the serial 0/1 connection has a DCE cable. Serial 0/1 would have to provide clocking with the clock rate command. Serial 0/0 would get its clocking from the DSU.



Let’s look at this command again. In Figure 6.5, see the DTE/DCE cable between the two routers? Know that you will not see this in production networks!

FIGURE 6.5 Where do you configure clocking? Use the show controllers command on each router’s serial interface to find out.

Router R1 has a DTE connection, which is typically the default for all Cisco routers. Routers R1 and R2 can’t communicate. Check out the output of the show controllers s0/0 command here:

R1#sh controllers serial 0/0
HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0, V.35 DCE cable

The show controllers s0/0 command reveals that the interface is a V.35 DCE cable. This means that R1 needs to provide clocking of the line to router R2. Basically, the interface has the wrong label on the cable on the R1 router’s serial interface. But if you add clocking on the R1 router’s serial interface, the network should come right up.

Let’s check out another issue in Figure 6.6 that you can solve by using the show controllers command. Again, routers R1 and R2 can’t communicate.

FIGURE 6.6 By looking at R1, the show controllers command reveals that R1 and R2 can’t communicate.

Here’s the output of R1’s show controllers s0/0 command and show ip interface s0/0:

R1#sh controllers s0/0
HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0, DTE V.35 clocks stopped
cpb = 0xE2, eda = 0x4140, cda = 0x4000

R1#sh ip interface s0/0
Serial0/0 is up, line protocol is down
  Internet address is 192.168.10.2/24
  Broadcast address is 255.255.255.255

If you use the show controllers command and the show ip interface command, you’ll see that router R1 isn’t receiving the clocking of the line. This network is a nonproduction network, so no CSU/DSU is connected to provide clocking for it. This means the DCE end of the cable will be providing the clock rate, in this case the R2 router. The show ip interface command indicates that the interface is up but the protocol is down, which means that no keepalives are being received from the far end. In this example, the likely culprit is a bad cable or simply the lack of clocking.
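The two figures walk through the same decision: read the interface status line, read the cable type from show controllers, and decide which end has to act. The following added example (not code from the book) encodes that decision. The function name and returned fields are hypothetical, the R1 outputs are copied from the text above, and the status line paired with the Figure 6.5 output is constructed.

```python
import re

STATUS_RE = re.compile(
    r"^\s*(\S+) is (administratively down|up|down), line protocol is (up|down)",
    re.M)


def diagnose(status_text, controllers_text):
    """Combine the interface status line with the show controllers cable type."""
    m = STATUS_RE.search(status_text)
    if m is None:
        raise ValueError("no '<intf> is ..., line protocol is ...' line found")
    name, line, proto = m.groups()
    cable = re.search(r"\b(DTE|DCE)\b", controllers_text)
    role = cable.group(1) if cable else "unknown"
    if line == "administratively down":
        layer, action = "none", "enable the interface with no shutdown"
    elif line == "down":
        layer, action = "physical", "check the cable and the interface"
    elif proto == "up":
        layer, action = "none", "nothing to do"
    elif role == "DCE":
        # up/down on the DCE end: this router must supply the clock.
        layer, action = "data link", "configure clock rate on this interface"
    elif "clocks stopped" in controllers_text:
        layer, action = "data link", "no clock received: check the DCE end and the cable"
    else:
        layer, action = "data link", "no keepalives from the remote end"
    return {"interface": name, "role": role, "layer": layer, "action": action}


# Figure 6.6 case: both outputs are the R1 outputs shown in the text.
R1_STATUS = "Serial0/0 is up, line protocol is down"
R1_CTRL = """HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0, DTE V.35 clocks stopped
cpb = 0xE2, eda = 0x4140, cda = 0x4000"""

# Figure 6.5 case: controllers output from the text; pairing it with the
# up/down status line is an assumption (the text only says R1 and R2
# cannot communicate).
DCE_CTRL = """HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0, V.35 DCE cable"""

if __name__ == "__main__":
    for status, ctrl in ((R1_STATUS, R1_CTRL), (R1_STATUS, DCE_CTRL)):
        print(diagnose(status, ctrl))
```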



Summary

This was a fun chapter! I showed you a lot about the Cisco IOS, and I really hope you gained a lot of insight into the Cisco router world. I started off by explaining the Cisco Internetwork Operating System (IOS) and how you can use the IOS to run and configure Cisco routers. You learned how to bring a router up and what setup mode does. Oh, and by the way, since you can now basically configure Cisco routers, you should never use setup mode, right?

After I discussed how to connect to a router with a console and LAN connection, I covered the Cisco help features and how to use the CLI to find commands and command parameters. In addition, I discussed some basic show commands to help you verify your configurations.

Administrative functions on a router help you administer your network and verify that you are configuring the correct device. Setting router passwords is one of the most important configurations you can perform on your routers. I showed you the five passwords you must set, plus I introduced you to the hostname, interface description, and banners as tools to help you administer your router.

Well, that concludes your introduction to the Cisco IOS. And, as usual, it’s super-important for you to have the basics that we went over in this chapter down rock-solid before you move on to the following chapters!



Exam Essentials

Describe the responsibilities of the IOS. The Cisco router IOS software is responsible for network protocols and providing supporting functions, connecting high-speed traffic between devices, adding security to control access and prevent unauthorized network use, providing scalability for ease of network growth and redundancy, and supplying network reliability for connecting to network resources.

List the options available to connect to a Cisco device for management purposes. The three options available are the console port, auxiliary port, and in-band communication, such as Telnet, SSH, and HTTP. Don’t forget, a Telnet connection is not possible until an IP address has been configured and a Telnet password has been configured.

Understand the boot sequence of a router. When you first bring up a Cisco router, it will run a power-on self-test (POST), and if that passes, it will look for and load the Cisco IOS from flash memory, if a file is present. The IOS then proceeds to load and looks for a valid configuration in NVRAM called the startup-config. If no file is present in NVRAM, the router will go into setup mode.

Describe the use of setup mode. Setup mode is automatically started if a router boots and no startup-config is in NVRAM. You can also bring up setup mode by typing setup from privileged mode. Setup provides a minimum amount of configuration in an easy format for someone who does not understand how to configure a Cisco router from the command line.

Differentiate user, privileged, and global configuration modes, both visually and from a command capabilities perspective. User mode, indicated by the routername> prompt, provides a command-line interface with very few available commands by default. User mode does not allow the configuration to be viewed or changed. Privileged mode, indicated by the routername# prompt, allows a user to both view and change the configuration of a router. You can enter privileged mode by typing the command enable and entering the enable password or enable secret password, if set. Global configuration mode, indicated by the routername(config)# prompt, allows configuration changes to be made that apply to the entire router (as opposed to a configuration change that might affect only one interface, for example).

Recognize additional prompts available in other modes and describe their use. Additional modes are reached via the global configuration prompt, routername(config)#, and their prompts include interface, router(config-if)#, for making interface settings; line configuration mode, router(config-line)#, used to set passwords and make other settings to various connection methods; and routing protocol modes for various routing protocols, router(config-router)#, used to enable and configure routing protocols.

Access and utilize editing and help features. Make use of typing a question mark at the end of commands for help in using the commands. Additionally, understand how to filter command help with the same question mark and letters. Use the command history to retrieve commands previously utilized without retyping. Understand the meaning of the caret when an incorrect command is rejected. Finally, identify useful hot key combinations.

Identify the information provided by the show version command. The show version command will provide basic configuration for the system hardware as well as the software version, the names and sources of configuration files, the configuration register setting, and the boot images.

Set the hostname of a router. The command sequence to set the hostname of a router is as follows:

enable
config t
hostname Todd

Differentiate the enable password and enable secret password. Both of these passwords are used to gain access into privileged mode. However, the enable secret password is newer and is always encrypted by default. Also, if you set the enable password and then set the enable secret, only the enable secret will be used.

Describe the configuration and use of banners. Banners provide information to users accessing the device and can be displayed at various login prompts. They are configured with the banner command and a keyword describing the specific type of banner.



Set the enable secret on a router. To set the enable secret, you use the global config command enable secret. Do not use enable secret password password or you will set your password to password password. Here is an example:

enable
config t
enable secret todd

Set the console password on a router. To set the console password, use the following sequence:

enable
config t
line console 0
password todd
login

Set the Telnet password on a router. To set the Telnet password, the sequence is as follows:

enable
config t
line vty 0 4
password todd
login

Describe the advantages of using Secure Shell and list its requirements. Secure Shell (SSH) uses encrypted keys to send data so that usernames and passwords are not sent in the clear. It requires that a hostname and domain name be configured and that encryption keys be generated.



Describe the process of preparing an interface for use. To use an interface, you must configure it with an IP address and subnet mask in the same subnet of the hosts that will be connecting to the switch that is connected to that interface. It also must be enabled with the no shutdown command. A serial interface that is connected back to back with another router serial interface must also be configured with a clock rate on the DCE end of the serial cable.

Understand how to troubleshoot a serial link problem. If you type show interface serial 0/0 and see down, line protocol is down, this will be considered a Physical layer problem. If you see it as up, line protocol is down, then you have a Data Link layer problem.

Understand how to verify your router with the show interfaces command. If you type show interfaces, you can view the statistics for the interfaces on the router, verify whether the interfaces are shut down, and see the IP address of each interface.

Describe how to view, edit, delete, and save a configuration. The show running-config command is used to view the current configuration being used by the router. The show startup-config command displays the last configuration that was saved and is the one that will be used at next startup. The copy running-config startup-config command is used to save changes made to the running configuration in NVRAM. The erase startup-config command deletes the saved configuration and will result in the invocation of the setup menu when the router is rebooted because there will be no configuration present.
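The enable secret, console password and Telnet password items above can be checked against a saved configuration. The following is an added example, not code from the book: it assumes a configuration file in which sub-commands are indented under their line block, it checks only the password and login sequence shown in this chapter, and the function name, finding texts and sample configurations are constructed.

```python
import re

# Matches "line console 0", the abbreviated "line con 0", and "line vty 0 4".
LINE_RE = re.compile(r"line (con(sole)?|vty)\b")


def audit_passwords(config):
    """Return findings for the enable, console and vty password settings."""
    has_secret = has_enable_pw = False
    blocks, current = {}, None
    for raw in config.splitlines():
        text = raw.strip()
        if not text or text.startswith("!"):
            continue
        if raw[0].isspace():                  # sub-command of the open block
            if current is not None:
                current.add(text.split()[0])  # first keyword: password, login, no
            continue
        current = None                        # a top-level command closes the block
        if text.startswith("enable secret "):
            has_secret = True
        elif text.startswith("enable password "):
            has_enable_pw = True
        elif LINE_RE.match(text):
            current = blocks.setdefault(text, set())
    findings = []
    if has_secret and has_enable_pw:
        findings.append("enable password is unused: enable secret overrides it")
    elif has_enable_pw:
        findings.append("enable password set without enable secret")
    elif not has_secret:
        findings.append("enable secret not set")
    for name, keywords in blocks.items():
        for needed in ("password", "login"):
            if needed not in keywords:
                findings.append(f"{name}: missing {needed}")
    return findings


# Constructed sample configurations (not taken from a real device).
WEAK = """\
hostname Todd
enable password cisco
line con 0
 password todd
line vty 0 4
 no login
"""
GOOD = """\
hostname Todd
enable secret todd
line console 0
 password todd
 login
line vty 0 4
 password todd
 login
"""

if __name__ == "__main__":
    for label, cfg in (("WEAK", WEAK), ("GOOD", GOOD)):
        print(label, audit_passwords(cfg))
```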

Written Lab 6: IOS Understanding

In this section, you’ll complete the following lab to make sure you’ve got the information and concepts contained within it fully dialed in:

Lab 6.1: IOS Understanding

You can find the answers to this lab in Appendix A, “Answers to Written Labs.”

Write out the command or commands for the following questions:

1.  What command is used to set a serial interface to provide clocking to another router at 1000 Kb?

2.  If you telnet into a switch and get the response connection refused, password not set, what commands would you execute on the destination device to stop receiving this message and not be prompted for a password?

3.  If you type show int fastethernet 0/1 and notice the port is administratively down, what commands would you execute to enable the interface?

4.  If you wanted to delete the configuration stored in NVRAM, what command(s) would you type?

5.  If you wanted to set the user-mode password to todd for the console port, what command(s) would you type?

6.  If you wanted to set the enable secret password to cisco, what command(s) would you type?

7.  If you wanted to determine if serial interface 0/2 on your router should provide clocking, what command would you use?

8.  What command would you use to see the terminal history size?

9.  You want to reinitialize the switch and totally replace the running-config with the current startup-config. What command will you use?

10.  How would you set the name of a switch to Sales?


