ICND2 OECG Chapter 3 Troubleshooting LAN Switching
Posted by Aragoen Celtdra on 6th June 2008
Below is a summary of the chapter 3, troubleshooting section from Wendell Odom’s ICND2 OECG book. It doesn’t look like much, but there’s a ton of conceptual and foundational skills that can be built upon that outline. I’ve spent the last couple of days reviewing and working on switching technologies. I’ll probably finish it off this weekend and move on to the routing portion.
Text in red are my notes.
Troubleshooting LAN Switching Data Plane
Step 1 Verify the accuracy of and complete the information listed in the network diagram using CDP.
- show cdp neighbors
- show cdp entry
- pay attention to diagram not matching information on the CDP output.
- End-user PCs do not show up on CDP output.
Step 2 Check for interface problems as follows:
a. Determine the interface status code(s) for each required interface, and if not in a connect or up/up state, resolve the problems until the interface reaches the connect or up/up state.
- sh interfaces fa0/1 status
b. For interfaces in a connect (up/up) state, also check for two other problems: duplex mismatches and some variations of port security purposefully dropping frames.
- sh interface fa0/1
- To check for duplex mismatches, pay attention to counters like runts, collisions, late collisions, etc
- Also consider PC duplex settings match that of the switch, and vice versa.
Step 3 Check for port security problems as follows:
a. Identify all interfaces on which port security is enabled (show running-config or show port-security).
b. Determine whether a security violation is currently occurring based in part on the violation mode of the interface’s port security configuration, as follows:
o shutdown: The interface will be in an err-disabled state.
o restrict: The interface will be in a connect state, but the show port-security interface command will show an incrementing violations counter.
o protect: The interface will be in a connect state, and the show port-security interface command will not show an incrementing violations counter.
c. In all cases, compare the port security configuration to the diagram as well as the “last source address” field in the output of the show port-security interface command.
Step 4 Check VLANs and VLAN trunks as follows:
a. Identify all access interfaces and their assigned access VLANs, and reassign into the correct VLANs as needed.
- show interface status
- show interfaces fa0/1 status
- switchport access vlan 3 - interface subcommand to assign an interface to VLAN 3
b. Determine whether the VLANs both exist (configured or learned with VTP) and are active on each switch. If not, configure and activate the VLANs to resolve problems as needed.
- show vlan id 3
- show vlan brief
c. Identify the operationally trunking interfaces on each switch, and determine the VLANs that can be forwarded over each trunk.
- show interfaces trunk
Posted in CCNA Basics, CCNA Notes | No Comments » | 