Académique Documents
Professionnel Documents
Culture Documents
Objectives
Situation
Most enterprises rely on their networks to provide consistent and reliable access to shared resources Without a reliable network, many organizations lose access to customer databases and accounting records that employees need to perform their daily activities.
Large enterprises generally span many different time zones and have employees, customers, and suppliers accessing their network around the clock. For these organizations, any downtime is extremely costly. Cause of network downtime Weather and natural disasters Security breaches Man-made disasters Power surges Virus attacks Equipment failure Misconfiguration of devices Lack of resources
Hc vin cng ngh thng tin Bach Khoa - Website: www.bkacad.com 5
Several groups of tools are available for monitoring network performance levels and gathering data. These tools include: Network utilities Packet sniffing tools SNMP monitoring tools Network monitoring tools, techniques, and programs rely on the availability of a complete set of accurate and current network documentation. This documentation includes: Physical and logical topology diagrams Configuration files of all network devices A baseline performance level
Hc vin cng ngh thng tin Bach Khoa - Website: www.bkacad.com 9
10
Packet sniffing tools monitor the types of traffic on various parts of the network. These tools may also be able to remedy the situation before network congestion becomes critical.
11
(SNMP) allows monitoring of individual devices on the network. SNMP-compliant devices use agents to monitor a number of predefined parameters for specific conditions. These agents collect information and store it in a database known as the management information base (MIB).
12
9.1.2
13
Refer 9.1.3
Hc vin cng ngh thng tin Bach Khoa - Website: www.bkacad.com 14
15
Activity 9.1.3
16
Troubleshooting process
When a problem occurs on an enterprise network, troubleshooting that problem quickly and efficiently is very important to avoid extended periods of downtime. Many different structured and unstructured problem-solving techniques are available to the network technician. These include: Top-down Bottom-up Divide-and-conquer Trial-and-error Substitution
17
Troubleshooting process
18
Troubleshooting process
19
Troubleshooting process
When a situation requires a more structured approach, most network personnel use a layered process based on the OSI or TCP/IP models. When approaching a problem situation, follow the generic problem-solving model, regardless of the type of troubleshooting technique used. Define the problem Gather facts Deduce possibilities and alternatives Design plan of action Implement solution Analyze results
Hc vin cng ngh thng tin Bach Khoa - Website: www.bkacad.com 20
Troubleshooting process
OSI model
21
OSI Model
22
OSI Model
23
OSI Model
24
Activity 9.1.4.3
25
26
qshow port-security interface interface_id qshow mac-address-table qclear mac-address-table dynamic qshow interface interface_id
Hc vin cng ngh thng tin Bach Khoa - Website: www.bkacad.com 27
28
A loop develops when the switch does not receive BPDUs or is unable to process them. This problem could be due to:
Misconfigurations Defective transceivers Hardware and cabling issues Overloaded processors
STP does not always identify the best root bridge or root ports. Troubleshoote STP
q show spanning-tree q show spanning-tree interface interface_id
30
Activity 9.2.1.5
31
If the Physical Layer is functioning correctly and communication is still not occurring between end devices, check the VLAN configuration. q show vlan id vlan_number t q Show vlan q Show vlan brief q Show vlan id 101 Refer 9.2.2.1 If inter-VLAN routing is required, verify the following configurations: One port from each VLAN connects into a router interface or subinterface. Both the switch port and the router interface are configured with trunking. Both the switch and router interface are configured with the same encapsulation.
Hc vin cng ngh thng tin Bach Khoa - Website: www.bkacad.com 32
33
Access Port: switch considers the connected network device as non-switch (unable to understand BPDU). Trunk port: switch consider the connected network device as switch/bridge (able to speak and read BPDU). Native VLAN is assigned to an 802.1Q trunk port. An 802.1Q trunk port supports traffic coming from many VLANs (tagged traffic) as well as traffic that does not come from a VLAN (untagged traffic) Management VLANs is any VLAN you configure to access the management capabilities of a switch.
The native VLAN and management VLAN are VLAN1 by default. Refer 9.2.2.3
34
Activity 9.2.2.4
35
Troubleshooting VTP
VTP simplifies the distribution of VLAN information to multiple switches in a domain. Switches that participate in VTP operate in one of three modes: server, client, or transparent. Only the server adds, deletes, and modifies VLAN information. When troubleshooting VTP on a network, ensure that:
All participating devices have the same VTP domain name. Two VTP servers exist in every domain, in case one fails. All servers have the same information. The revision numbers are the same on all devices. All devices use the same VTP version. q show vtp status q vtp version <1 | 2>
Hc vin cng ngh thng tin Bach Khoa - Website: www.bkacad.com 36
Troubleshooting VTP
q vtp password password q show vtp password
Refer 9.2.3.2
37
Activity 9.2.3.3
38
RIP Issues
RIP is a fairly basic and simple protocol to configure Compatibility issues exist between RIPv1 and RIPv2. If the RIP routes are not being advertised, check for the following problems:
Layer 1 or Layer 2 connectivity issues Requirements for VLSM subnetting but using RIPv1 RIPv1 and RIPv2 routing configurations mismatched Network statements missing or incorrect Interface IP addressing incorrect Outgoing interface is down Advertised network interface is down Passive interface misconfigurations
39
RIP Issues
40
Activity 9.3.1.3
41
EIGRP Issues
42
EIGRP Issues
43
EIGRP Issues
44
Activity 9.3.2.3
45
OSPF Issues
OSPF Issues
47
OSPF Issues
48
OSPF Issues
49
9.3.3.2
50
RIP
51
EIGRP
52
OSPF
53
54
The IP address configured on an interface and the status of the port and line protocol is viewable with the command:
q show ip interface brief
55
PPP?
56
The PPP process involves both the LCP and NCP phases. LCP establishes the link and verifies that it is of sufficient quality to bring up the Layer 3 protocols. NCP allows Layer 3 traffic to move across the link. When troubleshooting PPP connectivity, verify that:
LCP phase is complete Authentication has passed, if configured NCP phase is complete q show interface q debug ppp negotiation q debug ppp packet
57
58
59
60
Activity 9.4.1.5
61
62
63
Authentication can be either one-way or two-way. For enhanced security, use two-way or mutual authentication. Two-way authentication requires that each end device authenticate to the other. The most common problem with authentication is either forgetting to configure an account for the remote router or misconfiguring the username and password.
q ppp pap sent-username username password password
Debugging the authentication process provides a quick method of determining what is wrong.
q debug ppp authentication
64
65
66
Activity 9.4.2.3
67
Logging shows the effect that ACLs are having on various packets.
69
To display the source and destination IP address for each packet received or sent by any interface on the router:
q debug ip packet
If the packets are simply passing through and the ACL does not block a packet from this IP address, no debug message is generated.
70
71
72
9.5.1.3
73
Activity 9.5.1.4
74
If it appears that the ACL is the problem, there are several issues to check. Refer 9.5.2.1
75
76
Activity 9.5.2.3
77
Summary
When troubleshooting a network, determine the scope of the problem and isolate issue to a specific failure domain The most common problems with switches occur at the Physical Layer Use debug commands to isolate problems, not to monitor normal network operation The most common physical layer WIN problems are not specifying a clock rate on the link or ussing the wrong type of cables.
78
79