Syslog messages that indicate packet looping in the network (for example, Hot
Standby Router Protocol duplicate IP address messages)
Syslog messages that indicate constant address relearning or MAC address
flapping
Increasing number of output drops on many interfaces
Step 2. Discover the topology (scope) of the loop.
The highest priority is to stop the loop and restore network operation. To stop the
loop, you must know which ports are involved. Look at the ports with the highest
link utilization (packets per second). The show interface command displays the
utilization for each interface. Make sure that you record this information before
proceeding to the next step. Otherwise, it could be difficult later on to determine the
cause of the loop.
Step 3. Break the loop.
Shut down or disconnect the involved ports one at a time. After you disable or
disconnect each port, check whether the switch backplane utilization is back to a
normal level. Document your findings. Keep in mind that some ports may not be
sustaining the loop but rather are flooding the traffic arriving with the loop. When
you shut down such flooding ports, you reduce backplane utilization by only a small
amount, but you do not stop the loop.
Step 4. Find and fix the cause of the loop.
Determining why the loop began is often the most difficult part of the process,
because the reasons can vary. It is also difficult to formalize an exact procedure that
works in every case. First, investigate the topology diagram to find a redundant
path.
For every switch on the redundant path, check for these issues:
Does the switch know the correct STP root?
Is the root port identified correctly?
Are Bridge Protocol Data Units (BPDUs) received regularly on the root port and on
ports that are supposed to be blocking?
Are BPDUs sent regularly on non-root, designated ports?
Step 5. Restore the redundancy.
After the device or link that is causing the loop has been found and the problem has
been resolved, restore the redundant links that were disconnected.
We have only touched lightly on the subject of troubleshooting STP loops.
Troubleshooting loops and other STP problems is complex, and a detailed discussion
is beyond the scope of this course. However, if you want to learn more about
troubleshooting STP problems, an excellent technical note is available at:
http://cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080136673.shtml#troubleshoot.
Routing table
Check the routing table for anything unexpected, such as missing routes or
unexpected routes. Use debug commands to view routing updates and routing table
maintenance.
Use an extended ping if attempting the ping from a Cisco router. If successful, Layer
3 is operating correctly. If Layers 1-3 are functioning properly, the issue must exist
at a higher layer.
Step 3. Verify access list and NAT operation.
To troubleshoot access control lists, use the following steps:
Use the show access-list command. Are there any ACLs that could be stopping
traffic? Notice which access lists have matches.
Clear the access-list counters with the clear access-list counters command and try
to establish a connection again.
Verify the access-list counters. Have any increased? Should they increase?
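The counter comparison in the ACL steps above can be scripted. The following Python code is an added example, not part of the original course text: it compares two captures of show access-list output and lists the entries whose match counters grew. The sample captures are constructed, and the parsing assumes the IOS layout with sequence numbers and a trailing "(N matches)" counter.

```python
import re

# Header line, e.g. "Extended IP access list 101"
ACL_HEADER = re.compile(r"^(?:Standard|Extended) IP access list (\S+)")
# Entry line, e.g. "    30 deny ip any any (3 matches)"; no counter is shown at zero
ACE_LINE = re.compile(r"^\s+(\d+) (permit|deny) (.*?)(?: \((\d+) match(?:es)?\))?\s*$")

def parse_counters(show_output):
    """Map (acl, sequence) -> (action, rule text, match count)."""
    counters, acl = {}, None
    for line in show_output.splitlines():
        header = ACL_HEADER.match(line)
        if header:
            acl = header.group(1)
            continue
        entry = ACE_LINE.match(line)
        if entry and acl is not None:
            seq, action, rule, hits = entry.groups()
            counters[(acl, int(seq))] = (action, rule, int(hits or 0))
    return counters

def changed_entries(before, after):
    """Return entries whose counter grew between two captures, largest first."""
    old, new = parse_counters(before), parse_counters(after)
    grown = []
    for key, (action, rule, hits) in new.items():
        delta = hits - old.get(key, (None, None, 0))[2]
        if delta > 0:
            grown.append((key[0], key[1], action, rule, delta))
    return sorted(grown, key=lambda e: -e[4])

# Constructed sample: capture taken right after clearing the counters ...
AFTER_CLEAR = """Extended IP access list 101
    10 permit tcp any host 10.1.1.10 eq www
    20 permit icmp any any
    30 deny ip any any
"""
# ... and after retrying the connection (a ping, then a failed FTP attempt).
AFTER_RETRY = """Extended IP access list 101
    10 permit tcp any host 10.1.1.10 eq www
    20 permit icmp any any (4 matches)
    30 deny ip any any (3 matches)
"""

if __name__ == "__main__":
    for acl, seq, action, rule, delta in changed_entries(AFTER_CLEAR, AFTER_RETRY):
        note = "  <-- dropping the test traffic?" if action == "deny" else ""
        print(f"ACL {acl} seq {seq}: {action} {rule} +{delta}{note}")
```

A deny entry whose counter grows in step with each retry answers the "Should they increase?" question: that entry is the one to compare against the traffic being tested.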
To troubleshoot NAT, use the following steps:
Use the show ip nat translations command. Are there any translations? Are the
translations as expected?
Clear the NAT translations with the clear ip nat translation * command and try to
access the external resource again.
Use the debug ip nat command and examine the output.
Look at the running configuration file. Are the ip nat inside and ip nat outside
commands located on the right interfaces? Is the NAT pool correctly configured? Is
the ACL correctly identifying the hosts?
If the ACLs and NAT are functioning as expected, the problem must lie in a higher
layer.
Step 4. Troubleshoot upper layer protocol connectivity.
Even though there may be IP connectivity between a source and a destination,
problems may still exist for a specific upper layer protocol, such as FTP, HTTP, or
Telnet. These protocols ride on top of the basic IP transport but are subject to
protocol-specific problems relating to packet filters and firewalls. It is possible that
everything except mail works between a given source and destination.
Troubleshooting an upper layer protocol connectivity problem requires
understanding the process of the protocol. This information is usually found in the
latest RFC for the protocol or on the developer web page.