
Write a short note on the following

1. How to troubleshoot RIP?


Answer: Knowing how to verify and troubleshoot a protocol or feature is as important as knowing how to configure it, because configurations do contain errors, and assuming that everything is working correctly can lead to major network problems. The following three commands are used to verify and troubleshoot RIP:

show ip route

show ip protocols

debug ip rip

The show ip route command has been covered in the previous chapter and earlier in this chapter. Ultimately, a complete and correct routing table across the network is the best verification that the routing protocol is working.
2. How to troubleshoot BGP?
BGP is fundamentally different from other routing protocols like RIP, EIGRP and OSPF in matters like how and where it operates. RIP, EIGRP and OSPF are each considered an IGP; in other words, these protocols are intended to be used inside a network and not necessarily between routing domains. BGP, on the other hand, is an EGP, which was designed with the intention of connecting multiple large-scale networks. Because of these assumptions, BGP is exceptionally well suited to dealing with large-scale networks and very large routing tables while still operating efficiently. The biggest example of a BGP deployment is the Internet, which is routed exclusively using BGP between all core connection points as well as between many of the smaller access points. BGP is also different from other routing protocols because it runs on top of TCP (port 179); this means that BGP neighbors don't have to be directly connected. BGP is a path-vector protocol, which means that when BGP neighbors exchange routing information, each reachable network carries path-specific attributes and a list of Autonomous System Numbers. Because BGP is used in complex network designs, troubleshooting it is also somewhat more difficult.
3. How to troubleshoot redistribution?
Redistribution is the process of forwarding network information from one routing protocol domain to another routing domain. Route redistribution involves sending routes from one routing protocol into another routing protocol.

To troubleshoot redistribution, if a redistributed route does not appear in the routing table:
Make sure that the same route is not being advertised by another routing protocol which has a lower administrative distance. For instance, if you are redistributing 10.1.1.0/24 into EIGRP from BGP and a static route for 10.1.1.0/24 is already present on your router, then you will not see the redistributed route on your router, since a static route has a lower administrative distance than EIGRP routes. You can use the "sh ip route [PREFIX]" command to check which route is actually present in the routing table.
The route you want to redistribute must be present in the routing table of the redistributing router. This is very important when redistributing between two dynamic routing protocols, because you receive a route from one protocol and redistribute it into another, so it must be ensured that the route is being received before you can redistribute it.
It is always recommended to use route filters in redistribution. Make sure that the redistributed route has a matching statement in the prefix-list or access-list. The subnet mask in the prefix-list must match the route present in the routing table.
Note that route metrics are lost when redistributing between protocols, so it is always recommended to set the metric of redistributed routes. EIGRP routes are not redistributed if no metrics are specified, so the metrics must be specified with the 'metric' command when redistributing into EIGRP.
For OSPF, only classful subnets are redistributed unless you use the 'subnets' keyword with the redistribution command.
4. How to configure an extended access list?
Extended IP access lists are almost identical to standard IP access lists in their use. The key difference between the two types is the variety of fields in the packet that extended access lists can compare for matching. As with standard lists, extended access lists are enabled for packets entering or exiting an interface. The list is searched sequentially; the first statement matched stops the search through the list and defines the action to be taken. All these features are true of standard access lists as well. The matching logic, however, is different from that used with standard access lists and makes extended access lists much more complex. Extended access lists can match source and destination addresses as well as different TCP and UDP ports. This gives greater flexibility and control over network access.
To configure extended access lists, the command is similar to that for a standard access list, but with more options. The command is this:
Router(config)# access-list {100-199} {permit | deny} protocol source-addr [source-mask] [operator operand] destination-addr [destination-mask] [operator operand] [established]
The first value that you must configure is the access list number. Extended access lists range from 100 to 199. Then you need to permit or deny the criteria that you will specify next. The next value is the protocol type. Here, you could specify IP, TCP, UDP, or other specific IP sub-protocols. The next value is the source IP address and its wildcard mask. Next is the destination IP address and its wildcard mask. When the destination IP address and mask are configured, you can specify the port number that you want to match, by number or by a well-known port name.
As with standard access lists, after the extended access list is created, you need to apply it to an interface with the ip access-group command. Review the lab objectives associated with the chapter before beginning to configure the access lists.
Answer the following

1. What are the IOS tools to monitor and maintain the network?


The Simple Network Management Protocol, SNMP, is a widely used management protocol and defined set of standards for communicating with devices connected to an IP network. SNMP provides a means to monitor and control network devices. Like Cisco IOS IP SLA operations, SNMP can be used to collect statistics, monitor device performance and provide a baseline of the network, and it is one of the most commonly used network maintenance and monitoring tools.
SNMP is an Application Layer (Layer 7) protocol that facilitates the exchange of
management information between network devices using UDP ports 161 and 162.
An SNMP-managed network consists of a management system, agents, and
managed devices. The management system executes monitoring applications and
controls managed devices. The management systems execute most of the
management processes and provide the bulk of memory resources used for network
management. A network might be managed by one or more management systems.
Examples of SNMP management systems include HP OpenView and SolarWinds.
An SNMP agent resides on each managed device and translates local management
information data, such as performance information or event and error information
caught in software traps, into a readable form for the management system. SNMP
agents use get-requests that transport data to the network management software.
SNMP agents capture data from Management Information Bases (MIBs), which are device parameter and network data repositories, or from error or change traps. When using SNMP, managed devices are monitored and controlled using three common SNMP commands. These three commands are the read, write and trap commands. The read command is used by an NMS to monitor managed devices. This is performed by the NMS examining different variables that are maintained by managed devices. The write command is used by an NMS to control managed devices. Using this command, the NMS can change the values of variables stored within managed devices. Finally, the SNMP trap command is used by managed devices to report events to the NMS. Devices can be configured to send SNMP traps or informs to an NMS. The traps and informs that are sent depend on the version of Cisco IOS software running on the device, as well as the platform.
SNMP traps are simply messages that alert the SNMP manager of a condition on the
network. An example of an SNMP trap could include an interface transitioning from
an up state to a down state. The primary issue with SNMP traps is that they are
unacknowledged. This means that the sending device is incapable of determining if
the trap was received by the NMS.
SNMP informs are SNMP traps that include a confirmation of receipt from the SNMP
manager. These messages can be used to indicate failed authentication attempts,
or the loss of a connection to a neighbor router, for example. If the manager does
not receive an inform request, it does not send a response. If the sender never
receives a response, the inform request can be sent again. Thus, informs are more
likely to reach their intended destination.
While informs are more reliable than traps, the downside is that they consume more
resources on both the router and in the network. Unlike a trap, which is discarded as
soon as it is sent, an inform request must be held in memory until a response is
received or the request times out. Also, traps are sent only once, while an inform
may be resent several times if a response is not received from the SNMP server
(NMS).
2. How to troubleshoot VLAN Trunk?
VLANs are very helpful when you have to isolate traffic in your network. But sometimes misconfigurations in VLANs cause communication problems. When you check for errors that prevent communication, you need to check the VLANs: you must make sure that both interfaces are in the same VLAN, and only then can they communicate.
You can use the show vlan command to verify that the interfaces belong to the same VLAN.
In the above diagram, there are no errors like an IP address mismatch, a VACL, etc., but still PC1 and PC2 are not able to communicate with each other. You can see that both of them are in the same VLAN and also that the link from SW1 to SW2 is a trunk link.
Then what could the problem be? This problem might not occur on modern switches: if one switch is using ISL encapsulation and the other end is using dot1q encapsulation, there will be a problem. These issues do not arise on modern switches, because now only a few switches support ISL encapsulation.
3. How to troubleshoot Dynamic NAT?

Cisco NAT enables you to do a lot, and the configurations are straightforward. If it
does not work, you can spot a few common causes by asking the following
questions:

Do the dynamic pools contain the correct range of addresses?

Is there any overlap between dynamic pools?

Is there any overlap between addresses used for static mapping and the
addresses in the dynamic pools?

Do the access lists specify the correct addresses to be translated? Are any
addresses left out? Are any addresses included that should not be included?

Are the correct inside and outside interfaces specified?

One of the most common problems with a new NAT configuration is not NAT itself,
but routing. Remember that you are changing a source or destination address in a
packet; after the translation, does the router know what to do with the new
address?
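The five questions above are exactly the kind of configuration review that can be automated before a change goes live. The Python script below is an added example, not part of the original notes and not a Cisco tool: it takes a constructed description of a dynamic NAT configuration (pools as address ranges, static mappings, the access list that selects inside addresses in 'address wildcard' form, the hosts expected to be translated, and which interfaces are marked inside or outside) and returns one finding per checklist question that fails. All addresses come from documentation ranges and the interface names and pool names are hypothetical.

```python
import ipaddress


def wildcard_to_network(addr, wildcard):
    """Turn an 'A WILDCARD' access-list pair into an IPv4Network (contiguous wildcards only)."""
    w = int(ipaddress.IPv4Address(wildcard))
    if (w + 1) & w:                       # wildcard must be of the form 2**n - 1
        raise ValueError("non-contiguous wildcard mask not supported: " + wildcard)
    return ipaddress.IPv4Network((addr, 32 - w.bit_length()), strict=False)


def _range(start, end):
    return int(ipaddress.IPv4Address(start)), int(ipaddress.IPv4Address(end))


def check_nat_config(cfg):
    """Return a list of (code, message) findings, one per failed checklist question."""
    findings = []
    pools = {name: _range(s, e) for name, (s, e) in cfg["pools"].items()}

    # Q1: does each dynamic pool contain a sensible range of addresses?
    for name, (s, e) in pools.items():
        if s > e:
            findings.append(("pool-range", f"{name}: start address is above end address"))

    # Q2: is there any overlap between dynamic pools?
    names = sorted(pools)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            (s1, e1), (s2, e2) = pools[a], pools[b]
            if s1 <= e2 and s2 <= e1:
                findings.append(("pool-overlap", f"{a} and {b} share addresses"))

    # Q3: does a static mapping use a global address that sits inside a dynamic pool?
    for local, glob in cfg["statics"].items():
        g = int(ipaddress.IPv4Address(glob))
        for name, (s, e) in pools.items():
            if s <= g <= e:
                findings.append(("static-in-pool", f"static {local} -> {glob} lies inside {name}"))

    # Q4: does the access list cover every inside host that should be translated?
    nets = [wildcard_to_network(a, w) for a, w in cfg["acl"]]
    for host in cfg["inside_hosts"]:
        if not any(ipaddress.IPv4Address(host) in n for n in nets):
            findings.append(("acl-miss", f"{host} is not matched by the NAT access list"))

    # Q5: are both an inside and an outside interface designated?
    roles = set(cfg["interfaces"].values())
    for role in ("inside", "outside"):
        if role not in roles:
            findings.append(("no-" + role, f"no interface is configured as 'ip nat {role}'"))
    return findings


# Constructed sample configuration containing several deliberate problems.
SAMPLE_CONFIG = {
    "pools": {"POOL-A": ("203.0.113.10", "203.0.113.20"),
              "POOL-B": ("203.0.113.20", "203.0.113.30")},       # shares .20 with POOL-A
    "statics": {"192.168.1.10": "203.0.113.15"},                # global address inside POOL-A
    "acl": [("192.168.1.0", "0.0.0.127")],                       # permits only .0 to .127
    "inside_hosts": ["192.168.1.5", "192.168.1.200"],            # .200 is left out
    "interfaces": {"GigabitEthernet0/0": "inside", "GigabitEthernet0/1": None},
}

if __name__ == "__main__":
    for code, msg in check_nat_config(SAMPLE_CONFIG):
        print(f"[{code}] {msg}")
```

The routing question in the paragraph above is deliberately not part of the script: whether the router has a route for the translated address depends on the routing table, which you verify with show ip route, not on the NAT statements themselves.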
Theoretically, there is no limit on the number of mappings that the NAT table can
hold. Practically, memory and CPU or the boundaries of the available addresses or
ports place a limit on the number of entries. Each NAT mapping uses approximately
160 bytes of memory. In the rare case where the entries must be limited either for
performance or policy reasons, you can use the ip nat translation max-entries
command.
Another useful command for troubleshooting is show ip nat statistics. This command displays a summary of the NAT configuration, as well as counts of active translation types, hits to an existing mapping, misses (causing an attempt to create a mapping), and expired translations. For dynamic pools, the type of pool, the total available addresses, the number of allocated addresses, the number of failed allocations, and the number of translations using the pool (refcount) appear.
Another problem can be timeouts. If a translated address is cached in some system after the dynamic entry has timed out of the NAT table, packets can be sent to the wrong address, or the destination may seem to have disappeared. Besides the ip nat translation timeout command already discussed, you can change several other default timeouts. Table 4-3 lists all the keywords you can use with the ip nat translation command and the default values of the timeout periods. You can change all the defaults within a range of 0 to 2,147,483,647 seconds.
Finally, you can manually clear dynamic NAT entries from the NAT table. This action
can prove useful if you need to get rid of a particular offending entry without
waiting for the timeout to expire, or if you need to clear the entire NAT table to
reconfigure an address pool. Note that Cisco IOS Software does not allow you to
change or delete an address pool while addresses from the pool are mapped in the
NAT table. The clear ip nat translations command clears entries; you can specify a
single entry by the global and local address or by TCP and UDP translations
(including ports), or you can use an asterisk (*) to clear the entire table. Of course,
only dynamic entries are cleared; the command does not remove static entries.

4. How to troubleshoot PAT?


Port Address Translation (PAT) is a type of Network Address Translation (NAT) which translates communications between devices on a private network and devices on a public network.
PAT is also known as port overloading, overloaded NAT, port-level multiplexed NAT or single-address NAT.
Port Address Translation (PAT) allows multiple devices on a private network to be mapped to a single public IP address, which in the example above is 8.1.4.20, the IP address assigned by our ISP.
When our computer (192.168.1.11) connects to a web server on the Internet, the router running Port Address Translation (PAT) will do the following:
Assign a port number to our computer.
Store the computer's IP address and assigned port number in its translation table.
Replace the private IP address with the public one.
Assign an external port number.
Add the external IP address and port number to its translation table.
Rewrite the IP header of the outbound packet with the public IP address and assigned port number.
Send the packet to the host on the Internet.
Then, when the host on the Internet replies, our router will:
Read the packet received from the external device.
Use the external port number to look for a match in its translation table.
Rewrite the IP header of the incoming packet with the corresponding internal IP address and port number.
Send the packet to the internal network.
Most likely we will have multiple devices (computers, iPhones, PCs, TVs, TiVo, etc.)
connected to our internal network and all these devices may be connecting to many
other devices on the Internet, using several ports.

For example, your computer may be checking email on port 993, while you listen to Pandora on HTTP port 80 and Skype may be running in the background listening on port 37572.
As you can see, one device may be connecting to multiple devices and services on the Internet at the same time, while another device is connecting to other devices using completely different ports.
It's up to our router to keep its translation table updated and to rewrite incoming and outgoing packets with new header information.
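To make the outbound and inbound steps listed above concrete, here is a small Python model of a PAT translation table. It is an added example, not part of the original notes and not how Cisco IOS is implemented internally: it keeps one entry per inside host and port, rewrites outbound packets to the public address (8.1.4.20 from the text, with the inside hosts and the web server address constructed), looks replies up by external port, and returns None for an inbound packet that matches no entry, which is the case a router silently drops and which you would investigate with show ip nat translations. The choice to keep the host's own source port when it is free and to allocate a new one only on a collision is this example's policy, not a statement about any particular platform.

```python
class PatTable:
    """Toy PAT translation table: one public address shared by many inside hosts."""

    def __init__(self, public_ip, first_port=1024):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound = {}   # (inside_ip, inside_port, proto) -> external_port
        self.inbound = {}    # (external_port, proto) -> (inside_ip, inside_port)

    def _alloc_port(self, proto):
        # Walk upward until a port not already used for this protocol is found.
        while (self.next_port, proto) in self.inbound:
            self.next_port += 1
        port = self.next_port
        self.next_port += 1
        return port

    def translate_outbound(self, pkt):
        """Outbound steps: record the inside host, pick an external port, rewrite the header."""
        key = (pkt["src"], pkt["sport"], pkt["proto"])
        ext = self.outbound.get(key)
        if ext is None:
            # Keep the host's own source port when nobody else holds it; otherwise
            # allocate a fresh one so two hosts using the same port stay distinguishable.
            if (pkt["sport"], pkt["proto"]) not in self.inbound:
                ext = pkt["sport"]
            else:
                ext = self._alloc_port(pkt["proto"])
            self.outbound[key] = ext
            self.inbound[(ext, pkt["proto"])] = (pkt["src"], pkt["sport"])
        return {**pkt, "src": self.public_ip, "sport": ext}

    def translate_inbound(self, pkt):
        """Reply path: look the external port up; no entry means the packet is dropped."""
        entry = self.inbound.get((pkt["dport"], pkt["proto"]))
        if entry is None:
            return None
        inside_ip, inside_port = entry
        return {**pkt, "dst": inside_ip, "dport": inside_port}

    def show_translations(self):
        """Rows in the spirit of 'show ip nat translations' (constructed layout)."""
        return sorted((proto, f"{self.public_ip}:{ext}", f"{ip}:{port}")
                      for (ip, port, proto), ext in self.outbound.items())


if __name__ == "__main__":
    # Constructed traffic: two inside hosts that happen to pick the same source port.
    table = PatTable("8.1.4.20")
    for host in ("192.168.1.11", "192.168.1.12"):
        out = table.translate_outbound({"proto": "tcp", "src": host, "sport": 40000,
                                        "dst": "198.51.100.80", "dport": 80})
        print("outbound", host, "->", out["src"], out["sport"])
    for proto, glob, local in table.show_translations():
        print(f"{proto:4} {glob:18} {local}")
    reply = {"proto": "tcp", "src": "198.51.100.80", "sport": 80,
             "dst": "8.1.4.20", "dport": 1024}
    print("inbound", table.translate_inbound(reply))
    print("unknown port", table.translate_inbound({**reply, "dport": 5555}))
```

The second host's connection is the interesting one: because port 40000 is already taken by the first host, it is given external port 1024, and a reply arriving for 8.1.4.20:1024 is rewritten back to 192.168.1.12:40000. A reply for a port that was never allocated has no table entry and is dropped, which is exactly the symptom of a translation that has timed out of the table.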
