09 - Ethernet Switch Troubleshooting

By Muhammad Asghar Khan

Reference: CCENT/CCNA ICND1 Official Exam Certification Guide By Wendell Odom

1/1

Agenda

Network Verification & Troubleshooting Verifying the Network Topology Examining Interface Status

L1 & L2 Problems on Not Working Interfaces

Interface Status Codes Interface Speed & Duplex Issues CRC Counter Ethernet Collision vs Late Collision Interface Counters

L1 Problems on Working Interfaces

Analyzing L2 Forwarding Path with MAC Address Table

2 www.asghars.blogspot.com

1/2

Network Verification & Troubleshooting

Verification refers to the process of examining network to confirm that it is working as designed Troubleshooting refers to examining the network to determine what is causing a problem so that it can be fixed For effective troubleshooting, you need to remember the theory of how networks should work, how to interpret the show command, know the use of testing tools such as ping & traceroute

www.asghars.blogspot.com

2/2

Network Verification & Troubleshooting

Most of the troubleshooting processes involves a three steps :

1.

Analyzing Normal Operation

Predict the details of what should happen if the network is working correctly, based on documentation, configuration & show, debug command output

2.

Problem Isolation
Determine how far along the expected path the frame/packet goes before it can not be forwarded any further, again base on documentation, configuration and show & debug command out put

3.

Root Cause Analysis

Identify the underlying causes of the problems identified in the preceding step
www.asghars.blogspot.com

1/7

Verifying the Network Topology

The Cisco Discovery Protocol (CDP) discovers basic information about neighboring routers & switches Cisco switches & routers send CDP messages out of each of their interfaces Devices that support CDP learn information about others by listening to these messages CDP can be used to confirm or fix the documentation shown in a network diagram & discover the devices and interfaces used in a network
5 www.asghars.blogspot.com

2/7

Verifying the Network Topology

Media that supports multicasts at data link layer, CDP uses multicast frames, while media that do not supports multicasts CDP sends a copy of the CDP update to the known data link addresses CDP can be used to discover:

Device Identifier Address List Local Interface Port Identifier Capabilities List/Type of Device Platform/Model
www.asghars.blogspot.com

3/7

Verifying the Network Topology

Cisco recommends that CDP be disabled on all interfaces that do not have a specific need for it The interfaces that need to use CDP are interfaces connected to routers, switches and IP Phones CDP for an interface can be enabled by using cdp enable interface sub command and disabled with no cdp enable interface sub command Alternately, the no cdp run global command disables CDP for the entire switch, with cdp run global command re-enabling CDP globally
7 www.asghars.blogspot.com

4/7

Verifying the Network Topology

Figure shows the small network

Display detailed information about neighboring devices using cdp, from this you can draw a basic diagram as shown above to confirm the details in the figure are correct

www.asghars.blogspot.com

5/7

Verifying the Network Topology

Displays detailed information about a neighbor(s)

www.asghars.blogspot.com

6/7

Verifying the Network Topology

Displays detailed information one neighbor at a time

Displays global Cisco Discovery Protocol information

10

www.asghars.blogspot.com

7/7

Verifying the Network Topology

Displays information about the interfaces on which Cisco Discovery Protocol is enabled

11

www.asghars.blogspot.com

1/8

Examining Interface Status

Layer 1 & 2 Problems on Not Working Interfaces

Interface Status Codes

An interface status codes are used to determine whether the interface is working or not Cisco switches use two different sets of interface status codes

Set of two codes (Words) i.e line status & protocol status

The show interfaces command shows the two code status

12

Line status refers to L1 working & protocol status refers to L2 working, www.asghars.blogspot.com in this case both are down

2/8

Examining Interface Status

Single Code (Word)

The show interface status command list the single code status

Status column shows the single code status, a- before any state means that this value was found through autonegotiation process

13

www.asghars.blogspot.com

3/8

Examining Interface Status

Table lists the code combination & some causes that could have caused a particular interface status

14

www.asghars.blogspot.com

4/8

Examining Interface Status

Interface Speed & Duplex Issues

Switch interfaces can find their speed & duplex settings either through the process of IEEE 802.3X standard auto-negotiation or by configuring to use specific speed or duplex using the speed {10|100|1000} and duplex {half|full} commands The defaults for speed & duplex are as follows:
If the speed is not known, use 10 Mbps, half duplex If the speed is some how known to be 10 or 100 Mbps, default to use half duplex If the speed is some how known to be 1000 Mbps, default to use full duplex

15

www.asghars.blogspot.com

5/8

Examining Interface Status

If the duplex settings do not match on the ends of an Ethernet segment, the switch interface will still be in connect (up/up) state; In this case the interface works, but with poor performance

Layer 1 Problems on Working Interfaces

Switch keep various interface counters These interface counters can help to identify problems that can occur even though the interface is in a connect state Whenever the an error occurs receiving device discards the frame & counts it as some kind of input error Cyclic Redundancy Check (CRC) Counter

Errors experienced during transmission due to damaged cable or electromagnetic interference (EMI) are referred as CRC errors
www.asghars.blogspot.com

16

6/8

Examining Interface Status

CRC an older term referring to FCS

CRC counter

Collision counter Late Collision counter

Ethernet Collision vs Late Collision Interface Counters

Ethernet collision occur as a normal part of the halfduplex logic If LAN design follows cabling guidelines, all collisions should occur by the end of the 64th byte of any frame
www.asghars.blogspot.com

17

7/8

Examining Interface Status

When a switch has already sent 64 bytes of a frame, and the switch receives a frame on that same interface, the switch senses a collision; this is called late collision In this case; switch increments the late collision counter and send a jam signal, wait random time, and try again Incrementing late collision counter typically means; cabling length exceeds the Ethernet cabling standards, on one end of the interface half duplex while on other side full duplex is used

Three common LAN problems can use these counters:

Excessive Interface on the Cable Duplex mismatch Jabber

www.asghars.blogspot.com

18

8/8

Examining Interface Status

Excessive Interface on the Cable

It causes the problem of interference on the cable It can cause various input error counters to keep growing larger, especially the CRC counter Jabber refers to cases in which NIC ignores Ethernet rules & sends frame after frame without break Both duplex mismatch & jabber can be partially identified by the collisions & late collision counters Duplex mismatch problems can be further isolated by using the show interface command Isolating jabber problems requires the use of specialized LAN cabling troubleshooting tools
www.asghars.blogspot.com

Duplex mismatch & Jabber

19

Analyzing L2 Forwarding Path with MAC Address 1/3 Table To know how switch will forward an Ethernet frame, you need to examine the MAC address table on a switch The show mac-address-table EXEC command displays the contents of a switchs MAC address table The forwarding logic can be summarized as:
1. 2.

Determine VLAN in which frame should be forwarded Look for frames destination MAC address in the MAC address table; if destination MAC is:
www.asghars.blogspot.com

20

Analyzing L2 Forwarding Path with MAC Address 2/3 Table

a)

b)
c)

Unicast, forward the frame out the only interface listed in the matched address table entry Not Unicast, flood the frame out all other access ports (except the incoming port) in that same VLAN Broadcast or Multicast, flood the frame out all other access ports (except the incoming port) in that same VLAN

When MAC table allows a frame to be delivered, but the frame still does not arrive, the problem is likely to be related to some kind of filtering LAN switches can be configured with Access Control Lists (ACL) which filter frames, also routers can configure & use ACLs
21 www.asghars.blogspot.com

Analyzing L2 Forwarding Path with MAC Address 3/3 Table

ACLs are not covered in CCNA exams Also port security configured as protect or restrict violation action, the switch discards the offending traffic, but it leaves the port in connect (up/up) state

22

www.asghars.blogspot.com