0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 58822 multicast, 0 pause input
0 input packets with dribble condition detected
2392529 packets output, 337933522 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
Finding where to start when troubleshooting an interface can be the
difficult part, but we’ll certainly look at the number of input errors and
CRCs right away. Typically we’d see those statistics increase with a duplex
error, but the cause could be another Physical layer issue, such as a cable
receiving excessive interference or a failing network interface card.
Typically you can tell it is interference when the CRC and input error
counters grow but the collision counters do not.
Let’s take a look at some of the output:
No buffer This isn’t a number you want to see incrementing. This means
you don’t have any buffer room left for incoming packets. Any packets
received once the buffers are full are discarded. You can see how many
packets are dropped with the ignored output.
Ignored If the packet buffers are full, packets will be dropped. You see
this increment along with the no buffer output. Typically if the no buffer
and ignored outputs are incrementing, you have some sort of broadcast
storm on your LAN. This can be caused by a bad NIC or even a bad
network design.
I’ll repeat this because it is so important for the exam
objectives: Typically if the no buffer and ignored outputs are
incrementing, you have some sort of broadcast storm on your LAN.
This can be caused by a bad NIC or even a bad network design.
Runts Frames that did not meet the minimum frame size requirement of
64 bytes. Typically caused by collisions.
Giants Frames received that are larger than 1518 bytes.
Input Errors This is the total of many counters: runts, giants, no buffer,
CRC, frame, overrun, and ignored counts.
CRC At the end of each frame is a Frame Check Sequence (FCS) field that
holds the answer to a cyclic redundancy check (CRC). If the receiving
host’s answer to the CRC does not match the sending host’s answer, then
a CRC error will occur.
Frame This output increments when frames received are of an illegal
format, or not complete, which is typically incremented when a collision
occurs.
Packets Output Total number of packets (frames) forwarded out to the
interface.
Output Errors Total number of packets (frames) that the switch port
tried to transmit but for which some problem occurred.
Collisions When transmitting a frame in half-duplex, the NIC listens on
the receiving pair of the cable for another signal. If a signal is transmitted
from another host, a collision has occurred. This output should not
increment if you are running full-duplex.
Late Collisions If all Ethernet specifications are followed during the
cable install, all collisions should occur by the 64th byte of the frame. If a
collision occurs after 64 bytes, the late collisions counter increments. This
counter will increment on a duplex mismatched interface, or if cable
length exceeds specifications.
A duplex mismatch causes late collision errors at the end of the
connection. To avoid this situation, manually set the duplex
parameters of the switch to match the attached device.
A duplex mismatch is a situation in which the switch operates at full-
duplex and the connected device operates at half-duplex, or vice versa.
The result of a duplex mismatch is extremely slow performance,
intermittent connectivity, and loss of connection. Other possible causes of
data-link errors at full-duplex are bad cables, a faulty switch port, or NIC
software or hardware issues. Use the show interface command to verify
the duplex settings.
If the mismatch occurs between two Cisco devices with Cisco Discovery
Protocol enabled, you will see Cisco Discovery Protocol error messages on
the console or in the logging buffer of both devices.
%CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/2 (not half duplex)
Cisco Discovery Protocol is useful for detecting errors and for gathering
port and system statistics on nearby Cisco devices. CDP is covered in
Chapter 7.
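The rules of thumb above depend on which counters increment between two readings, not on their absolute values. The following Python sketch is an added example, not from the book: it compares two readings of show interface output and applies those rules. The sample output is constructed, and the names snapshot, parse_counters and diagnose_counters are illustrative.

```python
import re

# Counter labels as they appear in `show interface` output.
COUNTERS = ["no buffer", "input errors", "CRC", "ignored",
            "collisions", "late collision"]

# Constructed sample output (not from a real device). snapshot() fills in
# the fields so two readings of the same interface can be compared.
TEMPLATE = """\
  5000 packets input, 640000 bytes, {no_buffer} no buffer
  Received 120 broadcasts, 0 runts, 0 giants, 0 throttles
  {input_errors} input errors, {crc} CRC, 0 frame, 0 overrun, {ignored} ignored
  0 output errors, {collisions} collisions, 1 interface resets
  0 babbles, {late} late collision, 0 deferred
"""

def snapshot(**values):
    """Build one constructed reading; unspecified counters are 0."""
    fields = dict(no_buffer=0, input_errors=0, crc=0, ignored=0,
                  collisions=0, late=0)
    fields.update(values)
    return TEMPLATE.format(**fields)

def parse_counters(text):
    """Extract {label: value} for each known counter in the output."""
    found = {}
    for label in COUNTERS:
        m = re.search(r"(\d+) " + re.escape(label) + r"\b", text)
        if m:
            found[label] = int(m.group(1))
    return found

def diagnose_counters(before, after):
    """Apply the section's rules to the counters that incremented."""
    old, new = parse_counters(before), parse_counters(after)
    grew = {k for k, v in new.items() if v > old.get(k, 0)}
    findings = []
    # No buffer and ignored incrementing together: broadcast storm.
    if {"no buffer", "ignored"} <= grew:
        findings.append("broadcast storm")
    # Late collisions: duplex mismatch or cable length out of spec.
    if "late collision" in grew:
        findings.append("duplex mismatch or cable too long")
    # CRC and input errors: duplex error if collisions also grow,
    # otherwise interference or another Physical layer fault.
    if {"CRC", "input errors"} <= grew:
        if grew & {"collisions", "late collision"}:
            findings.append("duplex error")
        else:
            findings.append("interference or failing cable/NIC")
    return findings

if __name__ == "__main__":
    print(diagnose_counters(snapshot(), snapshot(crc=37, input_errors=37)))
```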
Verifying with the show ip interface Command
The show ip interface command will provide you with information
regarding the layer 3 configurations of a router’s interface, such as the IP
address and subnet mask, MTU, and if an access list is set on the
interface:
Router#sh ip interface
FastEthernet0/0 is up, line protocol is up
Internet address is 1.1.1.1/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Security level is default
Split horizon is enabled
[output cut]
The status of the interface, the IP address and mask, information on
whether an access list is set on the interface, and basic IP information are
all included in this output.
Using the show ip interface brief Command
The show ip interface brief command is probably one of the best
commands that you can ever use on a Cisco router or switch. This
command provides a quick overview of the device’s interfaces, including
the logical address and status:
Router#sh ip int brief
Interface        IP-Address  OK? Method Status                Protocol
FastEthernet0/0  unassigned  YES unset  up                    up
FastEthernet0/1  unassigned  YES unset  up                    up
Serial0/0/0      unassigned  YES unset  up                    down
Serial0/0/1      unassigned  YES unset  administratively down down
Serial0/1/0      unassigned  YES unset  administratively down down
Serial0/2/0      unassigned  YES unset  administratively down down
Remember, administratively down means that you need to type no shutdown
in order to enable the interface. Notice that Serial0/0/0 is
up/down, which means that the Physical layer is good and carrier detect
is sensed but no keepalives are being received from the remote end. In a
nonproduction network, like the one I am working with, this tells us the
clock rate hasn’t been set.
Verifying with the show protocols Command
The show protocols command is also a really helpful command that you’d
use in order to quickly see the status of layers 1 and 2 of each interface as
well as the IP addresses used.
Here’s a look at one of my production routers:
Router#sh protocols
Global values:
Internet Protocol routing is enabled
Ethernet0/0 is administratively down, line protocol is down
Serial0/0 is up, line protocol is up
Internet address is 100.30.31.5/24
Serial0/1 is administratively down, line protocol is down
Serial0/2 is up, line protocol is up
Internet address is 100.50.31.2/24
Loopback0 is up, line protocol is up
Internet address is 100.20.31.1/24
The show ip interface brief and show protocols commands provide the
layer 1 and layer 2 statistics of an interface as well as the IP addresses.
The next command, show controllers, only provides layer 1 information.
Let’s take a look.
Using the show controllers Command
The show controllers command displays information about the physical
interface itself. It’ll also give you the type of serial cable plugged into a
serial port. Usually, this will only be a DTE cable that plugs into a type of
data service unit (DSU).
Router#sh controllers serial 0/0
HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0,
V.35 DTE cable
Router#sh controllers serial 0/1
HD unit 1, idb = 0x12C174, driver structure at 0x131600
buffer size 1524 HD unit 1,
V.35 DCE cable
Notice that serial 0/0 has a DTE cable, whereas the serial 0/1 connection
has a DCE cable. Serial 0/1 would have to provide clocking with the
clock rate command. Serial 0/0 would get its clocking from the DSU.
Let’s look at this command again. In Figure 6.5, see the DTE/DCE cable
between the two routers? Know that you will not see this in production
networks!
FIGURE 6.5 Where do you configure clocking? Use the show controllers
command on each router’s serial interface to find out.
Router R1 has a DTE connection, which is typically the default for all
Cisco routers. Routers R1 and R2 can’t communicate. Check out the
output of the show controllers s0/0 command here:
R1#sh controllers serial 0/0
HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0,
V.35 DCE cable
The show controllers s0/0 command reveals that the interface is a V.35
DCE cable. This means that R1 needs to provide clocking of the line to
router R2. Basically, the interface has the wrong label on the cable on the
R1 router’s serial interface. But if you add clocking on the R1 router’s
serial interface, the network should come right up.
Let’s check out another issue in Figure 6.6 that you can solve by using the
show controllers command. Again, routers R1 and R2 can’t
communicate.
FIGURE 6.6 By looking at R1, the show controllers command reveals
that R1 and R2 can’t communicate.
Here’s the output of R1’s show controllers s0/0 command and
show ip interface s0/0:
R1#sh controllers s0/0
HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0,
DTE V.35 clocks stopped
cpb = 0xE2, eda = 0x4140, cda = 0x4000
R1#sh ip interface s0/0
Serial0/0 is up, line protocol is down
Internet address is 192.168.10.2/24
Broadcast address is 255.255.255.255
If you use the show controllers command and the show ip interface
command, you’ll see that router R1 isn’t receiving the clocking of the line.
This network is a nonproduction network, so no CSU/DSU is connected
to provide clocking for it. This means the DCE end of the cable will be
providing the clock rate—in this case, the R2 router. The show ip interface
output indicates that the interface is up but the protocol is down,
which means that no keepalives are being received from the far end. In
this example, the likely culprit is a bad cable or simply the
lack of clocking.
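The two serial-link cases above follow one decision procedure: read the cable role from show controllers, read the status line from show ip interface, and combine them. The Python sketch below is an added example, not from the book. The Figure 6.6 inputs are the outputs shown above; the up/down status line paired with the Figure 6.5 output is an assumption, since the page does not show it. The function names are illustrative.

```python
import re

# Outputs quoted from the section above.
FIG65_CONTROLLERS = """HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0,
V.35 DCE cable"""
FIG66_CONTROLLERS = """HD unit 0, idb = 0x1229E4, driver structure at 0x127E70
buffer size 1524 HD unit 0,
DTE V.35 clocks stopped
cpb = 0xE2, eda = 0x4140, cda = 0x4000"""
FIG66_INTERFACE = """Serial0/0 is up, line protocol is down
Internet address is 192.168.10.2/24"""
# Assumed status line for the Figure 6.5 case (not shown on the page).
ASSUMED_UP_DOWN = "Serial0/0 is up, line protocol is down"

def cable_role(show_controllers):
    """Return ('DTE' | 'DCE' | None, clocks_stopped)."""
    m = re.search(r"\b(DTE|DCE)\b", show_controllers)
    return (m.group(1) if m else None), "clocks stopped" in show_controllers

def link_state(show_interface):
    """Return (status, protocol) from the 'is ..., line protocol is ...' line."""
    m = re.search(
        r"is (administratively down|up|down), line protocol is (up|down)",
        show_interface)
    return m.groups() if m else (None, None)

def diagnose_serial(show_controllers, show_interface):
    """Combine cable role and link state into one diagnosis string."""
    role, stopped = cable_role(show_controllers)
    status, protocol = link_state(show_interface)
    if status == "administratively down":
        return "shut down: enter no shutdown on the interface"
    if status == "down":
        return "Physical layer problem"
    if status == "up" and protocol == "down":
        if role == "DCE":
            return "Data Link layer problem: this end is DCE, set clock rate here"
        if role == "DTE" and stopped:
            return ("Data Link layer problem: no clock received, "
                    "check the cable and the clock rate on the DCE end")
        return "Data Link layer problem: no keepalives from the far end"
    return "ok" if (status, protocol) == ("up", "up") else "unknown"

if __name__ == "__main__":
    print(diagnose_serial(FIG66_CONTROLLERS, FIG66_INTERFACE))
    print(diagnose_serial(FIG65_CONTROLLERS, ASSUMED_UP_DOWN))
```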
Summary
This was a fun chapter! I showed you a lot about the Cisco IOS, and I
really hope you gained a lot of insight into the Cisco router world. I
started off by explaining the Cisco Internetwork Operating System (IOS)
and how you can use the IOS to run and configure Cisco routers. You
learned how to bring a router up and what setup mode does. Oh, and by
the way, since you can now basically configure Cisco routers, you should
never use setup mode, right?
After I discussed how to connect to a router with a console and LAN
connection, I covered the Cisco help features and how to use the CLI to
find commands and command parameters. In addition, I discussed some
basic show commands to help you verify your configurations.
Administrative functions on a router help you administer your network
and verify that you are configuring the correct device. Setting router
passwords is one of the most important configurations you can perform
on your routers. I showed you the five passwords you must set, plus I
introduced you to the hostname, interface description, and banners as
tools to help you administer your router.
Well, that concludes your introduction to the Cisco IOS. And, as usual,
it’s super-important for you to have the basics that we went over in this
chapter down rock-solid before you move on to the following chapters!
Exam Essentials
Describe the responsibilities of the IOS. The Cisco router IOS
software is responsible for network protocols and providing supporting
functions, connecting high-speed traffic between devices, adding security
to control access and prevent unauthorized network use, providing
scalability for ease of network growth and redundancy, and supplying
network reliability for connecting to network resources.
List the options available to connect to a Cisco device for
management purposes. The three options available are the console
port, auxiliary port, and in-band communication, such as Telnet, SSH,
and HTTP. Don’t forget, a Telnet connection is not possible until an IP
address has been configured and a Telnet password has been configured.
Understand the boot sequence of a router. When you first bring up
a Cisco router, it will run a power-on self-test (POST), and if that passes,
it will look for and load the Cisco IOS from flash memory, if a file is
present. The IOS then proceeds to load and looks for a valid configuration
in NVRAM called the startup-config. If no file is present in NVRAM, the
router will go into setup mode.
Describe the use of setup mode. Setup mode is automatically started
if a router boots and no startup-config is in NVRAM. You can also bring
up setup mode by typing setup from privileged mode. Setup provides a
minimum amount of configuration in an easy format for someone who
does not understand how to configure a Cisco router from the command
line.
Differentiate user, privileged, and global configuration modes,
both visually and from a command capabilities perspective.
User mode, indicated by the routername> prompt, provides a command-
line interface with very few available commands by default. User mode
does not allow the configuration to be viewed or changed. Privileged
mode, indicated by the routername# prompt, allows a user to both view
and change the configuration of a router. You can enter privileged mode
by typing the command enable and entering the enable password or
enable secret password, if set. Global configuration mode, indicated by
the routername(config)# prompt, allows configuration changes to be
made that apply to the entire router (as opposed to a configuration
change that might affect only one interface, for example).
Recognize additional prompts available in other modes and
describe their use. Additional modes are reached via the global
configuration prompt, routername(config)#, and their prompts include
interface, router(config-if)#, for making interface settings; line
configuration mode, router(config-line)#, used to set passwords and
make other settings to various connection methods; and routing protocol
modes for various routing protocols, router(config-router)#, used to
enable and configure routing protocols.
Access and utilize editing and help features. Make use of typing a
question mark at the end of commands for help in using the commands.
Additionally, understand how to filter command help with the same
question mark and letters. Use the command history to retrieve
commands previously utilized without retyping. Understand the meaning
of the caret when an incorrect command is rejected. Finally, identify
useful hot key combinations.
Identify the information provided by the show version command.
The show version command will provide basic configuration for the
system hardware as well as the software version, the names and sources
of configuration files, the configuration register setting, and the boot
images.
Set the hostname of a router. The command sequence to set the
hostname of a router is as follows:
enable
config t
hostname Todd
Differentiate the enable password and enable secret password.
Both of these passwords are used to gain access into privileged mode.
However, the enable secret password is newer and is always encrypted by
default. Also, if you set the enable password and then set the enable
secret, only the enable secret will be used.
Describe the configuration and use of banners. Banners provide
information to users accessing the device and can be displayed at various
login prompts. They are configured with the banner command and a
keyword describing the specific type of banner.
Set the enable secret on a router. To set the enable secret, you use
the global config command enable secret. Do not use
enable secret password password or you will set your password to
password password.
Here is an example:
enable
config t
enable secret todd
Set the console password on a router. To set the console password,
use the following sequence:
enable
config t
line console 0
password todd
login
Set the Telnet password on a router. To set the Telnet password,
the sequence is as follows:
enable
config t
line vty 0 4
password todd
login
Describe the advantages of using Secure Shell and list its
requirements. Secure Shell (SSH) uses encrypted keys to send data so
that usernames and passwords are not sent in the clear. It requires that a
hostname and domain name be configured and that encryption keys be
generated.
Describe the process of preparing an interface for use. To use an
interface, you must configure it with an IP address and subnet mask in
the same subnet of the hosts that will be connecting to the switch that is
connected to that interface. It also must be enabled with the no shutdown
command. A serial interface that is connected back to back with another
router serial interface must also be configured with a clock rate on the
DCE end of the serial cable.
Understand how to troubleshoot a serial link problem. If you
type show interface serial 0/0 and see down, line protocol is down,
this will be considered a Physical layer problem. If you see it as
up, line protocol is down, then you have a Data Link layer problem.
Understand how to verify your router with the show interfaces
command. If you type show interfaces, you can view the statistics for the
interfaces on the router, verify whether the interfaces are shut down, and
see the IP address of each interface.
Describe how to view, edit, delete, and save a configuration.
The show running-config command is used to view the current
configuration being used by the router. The show startup-config
command displays the last configuration that was saved and is the one
that will be used at next startup. The copy running-config startup-config
command is used to save changes made to the running
configuration in NVRAM. The erase startup-config command deletes
the saved configuration and will result in the invocation of the setup
menu when the router is rebooted because there will be no configuration
present.
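The password essentials above (enable secret versus enable password, and the console and Telnet sequences that pair password with login) can be checked against a saved configuration. The Python sketch below is an added example, not from the book: it audits a running-config fragment for those points. The sample configuration is constructed, including its placeholder hash, and the function name audit is illustrative.

```python
# Constructed running-config fragment (not from a real device); the
# enable secret hash is a placeholder.
SAMPLE_CONFIG = """\
hostname Todd
enable password todd
enable secret 5 $1$constructed$placeholderhash
!
line con 0
 password todd
line vty 0 4
 no login
"""

def audit(config):
    """Return findings about enable and line passwords in a config."""
    findings, blocks, current = [], {}, None
    has_secret = has_enable_pw = False
    for raw in config.splitlines():
        line = raw.strip()
        if not line:
            continue
        if raw.startswith("line "):
            # Start of a line block such as "line con 0" or "line vty 0 4".
            current = line
            blocks[current] = []
        elif current and raw[0] == " ":
            # Indented command belonging to the current line block.
            blocks[current].append(line)
        else:
            current = None
            has_secret |= line.startswith("enable secret ")
            has_enable_pw |= line.startswith("enable password ")
    if not has_secret:
        findings.append("enable secret is not set")
    elif has_enable_pw:
        # Only the enable secret is used when both are configured.
        findings.append("enable password is unused once enable secret is set")
    for name, cmds in blocks.items():
        has_pw = any(c.startswith("password ") for c in cmds)
        if "no login" in cmds:
            findings.append(f"{name}: no login, no password prompt")
        elif has_pw and not any(c.startswith("login") for c in cmds):
            # The sequences above pair password with login.
            findings.append(f"{name}: password set but login missing")
        elif "login" in cmds and not has_pw:
            findings.append(f"{name}: login without a password")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```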
Written Lab 6: IOS Understanding
In this section, you’ll complete the following lab to make sure you’ve got
the information and concepts contained within them fully dialed in:
Lab 6.1: IOS Understanding
You can find the answers to this lab in Appendix A, “Answers to
Written Labs.”
Write out the command or commands for the following questions:
1. What command is used to set a serial interface to provide clocking to
another router at 1000 Kb?
2. If you telnet into a switch and get the response
connection refused, password not set, what commands would you execute
on the destination device to stop receiving this message and not be
prompted for a password?
3. If you type show int fastethernet 0/1 and notice the port is
administratively down, what commands would you execute to enable
the interface?
4. If you wanted to delete the configuration stored in NVRAM, what
command(s) would you type?
5. If you wanted to set the user-mode password to todd for the console
port, what command(s) would you type?
6. If you wanted to set the enable secret password to cisco, what
command(s) would you type?
7. If you wanted to determine if serial interface 0/2 on your router
should provide clocking, what command would you use?
8. What command would you use to see the terminal history size?
9. You want to reinitialize the switch and totally replace the running-
config with the current startup-config. What command will you use?
10. How would you set the name of a switch to Sales?