Module 12: Network

Troubleshooting
Instructor Materials

Enterprise Networking, Security, and Automation v7.0

(ENSA)
Instructor Materials – Module 12 Planning Guide
This PowerPoint deck is divided in two parts:

• Instructor Planning Guide

• Information to help you become familiar with the module
• Teaching aids
• Instructor Class Presentation
• Optional slides that you can use in the classroom
• Begins on slide # 10
Note: Remove the Planning Guide from this presentation before sharing with anyone.
For additional help and resources go to the Instructor Home Page and Course
Resources for this course. You also can visit the professional development site on
netacad.com, the official Cisco Networking Academy Facebook page, or Instructor
Only FB group.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
What to Expect in this Module
 To facilitate learning, the following features within the GUI may be included in this module:
Feature Description

Animations Expose learners to new skills and concepts.

Expose learners to new skills and concepts.
Videos
Check Your Per topic online quiz to help learners gauge content understanding.
Understanding(CYU)

Interactive Activities A variety of formats to help learners gauge content understanding.

Small simulations that expose learners to Cisco command line to practice
Syntax Checker configuration skills.
Simulation and modeling activities designed to explore, acquire, reinforce, and
PT Activity expand skills.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
What to Expect in this Module (Cont.)
 To facilitate learning, the following features may be included in this module:

Description
Feature
Hands-On Labs Labs designed for working with physical equipment.
Class Activities These are found on the Instructor Resources page. Class Activities are
designed to facilitate learning, class discussion, and collaboration.
Self-assessments that integrate concepts and skills learned throughout the
Module Quizzes series of topics presented in the module.
Module Summary Briefly recaps module content.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Check Your Understanding

• Check Your Understanding activities are designed to let students quickly determine if they
understand the content and can proceed, or if they need to review.
• Check Your Understanding activities do not affect student grades.

• There are no separate slides for these activities in the PPT. They are listed in the notes area
of the slide that appears before these activities.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Module 12: Activities
 What activities are associated with this module?

Page # Activity Type Activity Name Optional?

12.1.9 Check Your Understanding Network Documentation Recommended

12.2.8 Check Your Understanding Troubleshooting Process Recommended

12.3.5 Check Your Understanding Troubleshooting Tools Recommended

12.4.7 Check Your Understanding Symptoms and Causes of Network Problems Recommended

12.5.13 Packet Tracer Troubleshoot Enterprise Networks Recommended

12.6.1 Packet Tracer Troubleshooting Challenge - Document the Network Recommended

Troubleshooting Challenge - Use Documentation to Solve

12.6.2 Packet Tracer Recommended
Issues

12.6.4 Module Quiz Network Troubleshooting

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Module 12: Best Practices
Prior to teaching Module 12, the instructor should:
• Review the activities and assessments for this module.
• Try to include as many questions as possible to keep students engaged during classroom
presentation.
• After this Module, the Optimize, Monitor, and Troubleshoot Networks Exam is available,
covering Modules 9-12.

Topic 12.1
• Ask the students or have a class discussion
• How would you troubleshoot a network connectivity problem?
• What would you need if you were troubleshooting a connectivity problem?

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Module 12: Best Practices (Cont.)
Topic 12.2
• Ask the students or have a class discussion
• What steps you would take to when a host does not reach the internet?
• What questions would you ask an end-user?

Topic 12.3
• Ask the students or have a class discussion
• What type of tools would you use to solve a hardware problem?
• What type of tools would you use to solve a software problem?

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Module 12: Best Practices (Cont.)
Topic 12.4
• Ask the students or have a class discussion
• What types of problems can occur at the physical layer?
• What types of problems can occur at the data link layer?
• What types of problems can occur at the network layer?
• What types of problems can occur at the transport layer?
• What types of problems can occur at the application layer?

Topic 12.5
• Ask the students or have a class discussion
• Given a topology, what steps would you take to solve and end-to-end connectivity
problem?

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Module 12: Network
Troubleshooting
Enterprise Networking, Security, and Automation v7.0
(ENSA)
Module Objectives
Module Title: Network Troubleshooting

Module Objective: Troubleshoot enterprise networks.

Topic Title Topic Objective
Network Documentation Explain how network documentation is developed
and used to troubleshoot network issues.
Troubleshooting Process Compare troubleshooting methods that use a
systematic, layered approach.
Troubleshooting Tools Describe different networking troubleshooting tools.

Symptoms and Causes of Network Problems Determine the symptoms and causes of network
problems using a layered model.
Troubleshooting IP Connectivity Troubleshoot a network using the layered model.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
12.1 Network Documentation

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Network Documentation
Documentation Overview
Accurate and complete network documentation is required to effectively monitor and
troubleshoot networks.

Common network documentation includes the following:

• Physical and logical network topology diagrams
• Network device documentation that records all pertinent device information
• Network performance baseline documentation

All network documentation should be kept in a single location and backup documentation
should be maintained and kept in a separate location.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Network Documentation
Network Topology Diagrams
There are two types of network topology diagrams: physical and logical.
Physical Topology Logical Topology

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Network Documentation
Network Device Documentation
Router Device
Documentation
Network device
documentation should
contain accurate, up-to-
date records of the
network hardware and Switch Device
software. Documentation

Documentation should
include all pertinent
information about the
network devices. End-System
Documentation

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Network Documentation
Establish a Network Baseline
A network baseline is used to establish normal network performance to determine the
“personality” of a network under normal conditions. Establishing a network performance
baseline requires collecting performance data from the ports and devices that are
essential to network operation.

The baseline data is as follows:

• Provides insight into whether the current network design can meet business
requirements.
• Can reveal areas of congestion or areas in the network that are underutilized.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Network Documentation
Step 1 - Determine What Types of Data to Collect
When conducting the initial baseline, start by selecting a few variables that represent the
defined policies.

If too many data points are selected, the amount of data can be overwhelming, making
analysis of the collected data difficult.

Start out simply and fine-tune along the way.

Some good starting variables are interface utilization and CPU utilization.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Network Documentation
Step 2 - Identify Devices and Ports of Interest
A logical network topology can be useful in
identifying key devices and ports to monitor.
As shown in the sample topology, the
devices and ports of interest include:
• PC1 (the Admin terminal)
• Two servers (i.e., Srv1 and Svr2)
• Router interfaces
• Key ports on switches

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Network Documentation
Step 3 - Determine the Baseline Duration
When capturing data for analysis, the period specified should be:
• At a minimum, seven days long.
• Last no more than six weeks, unless specific long-term trends need to be measured.
• Generally, a two-to-four-week baseline is adequate.

Conduct an annual analysis of the entire network, or baseline different sections of the
network on a rotating basis.

Analysis must be conducted regularly to understand how the network is affected by

growth and other changes.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Network Documentation
Data Measurement
The table lists some of the most common Cisco IOS commands used for data collection.
Command Description
show version • Displays uptime, version information for device software and hardware
show ip interface [brief]
show ipv6 interface [brief] • Displays all the configuration options that are set on an interface.

show interfaces • Displays detailed output for each interface.

show ip route [static | eigrp | ospf | bgp] • Displays the routing table content listing directly connected networks and
show ipv6 route [static | eigrp | ospf | bgp] learned remote networks.
show cdp neighbors detail • Displays detailed information about directly connected Cisco devices.
show arp
show ipv6 neighbors
• Displays the contents of the ARP table (IPv4) and the neighbor table (IPv6).

show running-config • Displays current configuration.

show vlan • Displays the status of VLANs on a switch.
show port • Displays the status of ports on a switch.
• Used to collect a large amount of information using multiple show commands
show tech-support
for technical support reporting purposes.
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
12.2 Troubleshooting
Process

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
Troubleshooting Process
General Troubleshooting Procedures
Troubleshooting can be time consuming
because networks differ, problems differ, and
troubleshooting experience varies.
• Using a structured troubleshooting method
will shorten overall troubleshooting time.
• There are several troubleshooting
processes that can be used to solve a
problem.
• The figure displays the logic flowchart of a
simplified three-stage troubleshooting
process.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Troubleshooting Process
Seven-Step Troubleshooting Process
The figure displays a more detailed seven-
step troubleshooting process.

Steps Description

Define the Problem • Verify that there is a problem and then properly define what the problem is.

Gather Information • Targets (i.e., hosts, devices) are identified, accessed, and information gathered.

Analyze Information • Identify possible causes using network documentation, network baselines, knowledge bases, and peers.

Eliminate Possible
• Progressively eliminate possible causes to eventually identify the most probable cause.
Causes

Propose Hypothesis • When the most probable cause has been identified, a solution must be formulated.

Test Hypothesis • Assess the urgency of the problem, create a rollback plan, implement the solution, and verify outcome.

Solve the Problem • When solved, inform all involved and document the cause and solution to help solve future problems.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Troubleshooting Process
Question End Users
The table provides questioning guidelines and sample open ended end-user questions.
Guidelines Example Open Ended End-User Questions

• What does not work?

Ask pertinent questions. • What exactly is the problem?
• What are you trying to accomplish?

• Who does this issue affect? Is it just you or others?

Determine the scope of the problem.
• What device is this happening on?

• When exactly does the problem occur?

Determine when the problem occurred /
• When was the problem first noticed?
occurs.
• Were there any error message(s) displayed?

Determine if the problem is constant or • Can you reproduce the problem?

intermittent. • Can you send me a screenshot or video of the problem?

Determine if anything has changed. • What has changed since the last time it did work?

Use questions to eliminate or discover • What works?

possible problems. • What does not work?

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Troubleshooting Process
Gather Information
Common Cisco IOS commands used to gather network problem symptoms.
Command Description
ping {host |ip-address} • Sends an echo request packet to an address, then waits for a reply.

traceroute destination • Identifies the path a packet takes through the networks.

telnet {host | ip-address} • Connects to an IP address using the Telnet application (Note: Use SSH whenever possible).

ssh -l user-id ip-address • Connects to an IP address using SSH.

show ip interface brief

show ipv6 interface brief • Displays a summary status of all interfaces on a device.

show ip route
show ipv6 route
• Displays the current IPv4 and IPv6 routing tables.

show protocols • Displays the global and interface-specific status of any configured Layer 3 protocol.
debug • Displays a list of options for enabling or disabling debugging events.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Troubleshooting Process
Troubleshooting with Layered Models
The OSI and TCP/IP models can be applied to isolate network problems when
troubleshooting.

The figure shows some common

devices and the OSI layers that
must be examined during the
troubleshooting process for that
device.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Troubleshooting Process
Structured Troubleshooting Methods
Different troubleshooting approaches that can be used include the following.
Troubleshooting
Description
Approach

Bottom-Up • Good approach to use when the problem is suspected to be a physical one.

Top-Down • Use this approach for simpler problems, or when you think the problem is with a piece of software.

Divide-and-Conquer • Start at a middle layer (i.e, Layer 3) and tests in both directions from that layer.

Follow-the-Path • Used to discover the actual traffic path from source to destination to reduce the scope of troubleshooting.

Substitution • You physically swap a suspected problematic device with a known, working one.

Comparison • Attempts to resolve the problem by comparing a nonoperational element with the working one.

Educated guess • Success of this method varies based on your troubleshooting experience and ability.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Troubleshooting Process
Guidelines for Selecting a Troubleshooting Method
To quickly resolve network problems, take the
time to select the most effective network
troubleshooting method.

• The figure illustrates which method could be

used when a certain type of problem is
discovered.
• Troubleshooting is a skill that is developed by
doing it.
• Every network problem you identify and solve
gets added to your skill set.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
12.3 Troubleshooting
Process

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Troubleshooting Tools
Software Troubleshooting Tools
Common software troubleshooting tools include the following:

Software Tool Description

Network Management • Network software include device-level monitoring, configuration, and fault-management tools.
System Tools • Tools can be used to investigate and correct network problems.

• Online network device vendor knowledge bases have become indispensable sources of information.
Knowledge Bases • When vendor-based knowledge bases are combined with internet search engines, a network administrator
has access to a vast pool of experience-based information.

• Many tools for automating the network documentation and baselining process are available.
Baselining Tools • Baselining tools help with common documentation tasks such as network diagrams, update network
software and hardware documentation, and cost-effectively measure baseline network bandwidth use.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Troubleshooting Tools
Protocol Analyzers
A protocol analyzer can
capture and display the
physical layer to the
application layer information
contained in a packet.

Protocol analyzers, such as

Wireshark, can help
troubleshoot network
performance problems.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
Troubleshooting Tools
Hardware Troubleshooting Tools
There are multiple types of hardware troubleshooting tools.
Hardware Tools Description

Digital Multimeters Devices measure electrical values of voltage, current, and resistance.

Cable Testers Handheld devices are designed for testing the various types of data communication cabling.

Cable Analyzers Multifunctional handheld devices used to test and certify copper and fiber cables.

Portable Network
Specialized device used for troubleshooting switched networks and VLANs.
Analyzers

Cisco Prime NAM Browser-based interface that displays device performance analysis in a switched and routed environment.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
Troubleshooting Tools
Syslog Server as a Troubleshooting Tool
Syslog is used by syslog clients to send text-based log messages to a syslog server.

• Log messages can be sent to the console, VTY lines, memory Level Keyword

buffer, or syslog server. 0 Emergencies

1 Alerts
• Cisco IOS log messages fall into one of eight levels. 2 Critical
• The lower the level number, the higher the severity level. 3 Errors
4 Warnings
• By default, the console displays level 6 (debugging) messages.
5 Notifications
• In the command output, level 0 (emergencies) to 5 (notifications) 6 Informational
are sent to the syslog server at 209.165.200.225. 7 Debugging

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
12.4 Symptoms and Causes
of Network Problems

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
Symptoms and Causes of Network Problems
Physical Layer Troubleshooting
The table lists common symptoms of physical layer network problems.

Symptom Description
• Requires previous baselines for comparison.
Performance lower
• The most common reasons include overloaded or underpowered servers, unsuitable switch or router
than baseline
configurations, traffic congestion on a low-capacity link, and chronic frame loss.
• Loss of connectivity could be due to a failed or disconnected cable.
Loss of connectivity • Can be verified using a simple ping test.
• Intermittent connectivity loss can indicate a loose or oxidized connection.
Network bottlenecks • If a route fails, routing protocols could redirect traffic to sub-optimal routes.
or congestion • This can result in congestion or bottlenecks in parts of the network.
High CPU utilization • High CPU utilization rates indicates that a device is operating at or exceeding its design limits.
rates • If not addressed quickly, CPU overloading can cause a device to shut down or fail.
Console error • Error messages reported on the device console could indicate a physical layer problem.
messages • Console messages should be logged to a central syslog server.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
Symptoms and Causes of Network Problems
Physical Layer Troubleshooting (Cont.)
The table lists issues that commonly cause network problems at the physical layer.
Problem Cause Description
Power-related Check the operation of the fans and ensure that the chassis intake and exhaust vents are clear.
Faulty or corrupt NIC driver files, bad cabling, or grounding problems can cause network transmission
Hardware faults
errors such as late collisions, short frames, and jabber.
Look for damaged cables, improper cable, and poorly crimped connectors.
Cabling faults
Suspect cables should be tested or exchanged with a known functioning cable.
Attenuation can be caused if a cable length exceeds the design limit for the media, or when there is a
Attenuation
poor connection resulting from a loose cable, or dirty or oxidized contacts.
Local electromagnetic interference (EMI) can be generated by many sources, such as crosstalk,
Noise
nearby electric cables, large electric motors, FM radio stations, police radio, and more.
Interface configuration Causes can include incorrect clock rate, incorrect clock source, and interface not being turned on.
errors This causes a loss of connectivity with attached network segments.
Exceeding design
A component could operate sub-optimally if it is being utilized beyond specifications.
limits
Symptoms include processes with high CPU utilization percentages, input queue drops, slow
CPU overload performance, SNMP timeouts, no remote access, no DHCP services, Telnet, and pings are slow or fail
to respond.
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
Symptoms and Causes of Network Problems
Data Link Layer Troubleshooting
The table lists common symptoms of data link layer network problems.
Symptom Description

No functionality or connectivity Some Layer 2 problems can stop the exchange of frames across a link, while others only
at the network layer or above cause network performance to degrade.
• Frames can take a suboptimal path to their destination but still arrive causing the network
Network is operating below
to experience unexpected high-bandwidth usage on links.
baseline performance levels
• An extended or continuous ping can help reveal if frames are being dropped.
• Operating systems use broadcasts and multicasts extensively.
Excessive broadcasts • Generally, excessive broadcasts are the result of a poorly programmed or configured
applications, a large Layer 2 broadcast domains, or an underlying network problems .

• Routers send messages when it detects a problem with interpreting incoming frames
(encapsulation or framing problems) or when keepalives are expected but do not arrive.
Console messages
• The most common console message that indicates a Layer 2 problem is a line protocol
down message

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
Symptoms and Causes of Network Problems
Data Link Layer Troubleshooting
The table lists issues that commonly cause network problems at the data link layer.
Problem Cause Description
Encapsulation errors Occurs when bits placed in a field by the sender are not what the receiver
expects to see.
Address mapping Occurs when Layer 2 and Layer addressing is not available.
errors
Framing errors Framing errors can be caused by a noisy serial line, an improperly designed
cable, faulty NIC, duplex mismatch, or an incorrectly configured channel
service unit (CSU) line clock.
STP failures or loops Most STP problems are related to forwarding loops that occur when no ports
in a redundant topology are blocked and traffic is forwarded in circles
indefinitely, excessive flooding because of a high rate of STP topology
changes.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
Symptoms and Causes of Network Problems
Network Layer Troubleshooting
The table lists common symptoms of network layer network problems.

Symptom Description

• Occurs when the network is nearly or completely non-functional, affecting all

users and applications on the network.
Network failure
• These failures are usually noticed quickly by users and network administrators
and are obviously critical to the productivity of a company.
• These involve a subset of users, applications, destinations, or a type of traffic.
• Optimization issues can be difficult to detect and even harder to isolate and
diagnose.
Suboptimal performance
• This is because they usually involve multiple layers, or even a single host
computer.
• Determining that the problem is a network layer problem can take time.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Symptoms and Causes of Network Problems
Network Layer Troubleshooting (Cont.)
The table lists common symptoms of network layer network problems.
Problem Cause Description
• Often a change in the topology may unknowingly have effects on other areas
of the network.
General network issues
• Determine whether anything in the network has recently changed, and if
there is anyone currently working on the network infrastructure.
Check for any equipment and connectivity problems, including power
Connectivity issues problems, environmental problems, and Layer 1 problems, such as cabling
problems, bad ports, and ISP problems.
Check the routing table for anything unexpected, such as missing routes or
Routing table
unexpected routes.
Check to see if there are any problems with the routers forming neighbor
Neighbor issues
adjacencies.
Check the table for anything unexpected, such as missing entries or
Topology database
unexpected entries. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
Symptoms and Causes of Network Problems
Transport Layer Troubleshooting - ACLs
The table lists areas where ACL misconfigurations commonly occur.
Misconfigurations Description

Selection of traffic flow An ACL must be applied to the correct interface in the correct traffic direction.

Order of access control entries The entries in an ACL should be from specific to general.

Implicit deny any The implicit ACE can be the cause of an ACL misconfiguration.

Complex IPv4 wildcard masks are more efficient, but are more subject to
Addresses and IPv4 wildcard masks
configuration errors.

Selection of transport layer protocol It is important that only the correct transport layer protocol be specified in an ACE.

Source and destination ports Ensuring that the correct inbound and outbound ports are specified in an ACE

Use of the established keyword The established keyword applied incorrectly, can provide unexpected results.

Uncommon protocols Misconfigured ACLs often cause problems for protocols other than TCP and UDP.
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
Symptoms and Causes of Network Problems
Transport Layer Troubleshooting - NAT for IPv4
The table lists common interoperability areas with NAT.
Symptom Description
• The DHCP-Request packet has a source IPv4 address of 0.0.0.0.
• However, NAT requires both a valid destination and source IPv4 address,
BOOTP and DHCP therefore, BOOTP and DHCP can have difficulty operating over a router running
either static or dynamic NAT.
• Configuring the IPv4 helper feature can help solve this problem.
• A DNS server outside the NAT router does not have an accurate representation of
DNS the network inside the router.
• Configuring the IPv4 helper feature can help solve this problem.
• An SNMP management station on one side of a NAT router may not be able to
SNMP contact SNMP agents on the other side of the NAT router.
• Configuring the IPv4 helper feature can help solve this problem.
Encryption and tunneling protocols often require that traffic be sourced from a
Tunneling and encryption protocols specific UDP or TCP port, or use a protocol at the transport layer that cannot be
processed by NAT.
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
Symptoms and Causes of Network Problems
Application Layer Troubleshooting
The table provides a short description of these application layer protocols.

Applications Description
SSH/Telnet Enables users to establish terminal session connections with remote hosts.
Supports the exchanging of text, graphic images, sound, video, and other multimedia files on the
HTTP
web.
FTP Performs interactive file transfers between hosts.

TFTP Performs basic interactive file transfers typically between hosts and networking devices.

SMTP Supports basic message delivery services.

POP Connects to mail servers and downloads email.

SNMP Collects management information from network devices.

DNS Maps IP addresses to the names assigned to network devices.

NFS Network File System (NFS) enables computers to mount and use drives on remote hosts.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
12.5 Troubleshooting IP
Connectivity

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
Troubleshooting IP Connectivity
Components of Troubleshooting End-to-End Connectivity
Bottom-up approach steps when there is no end-to-end connectivity are as follows:
1. Check physical connectivity at the point where network communication stops.
2. Check for duplex mismatches.
3. Check data link and network layer addressing on the local network.
4. Verify that the default gateway is correct.
5. Ensure that devices are determining the correct path from the source to the
destination.
6. Verify the transport layer is functioning properly.
7. Verify that there are no ACLs blocking traffic.
8. Ensure that DNS settings are correct.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Troubleshooting IP Connectivity
End-to-End Connectivity Problem Initiates Troubleshooting
Usually what initiates a troubleshooting
effort is the discovery that there is a
problem with end-to-end connectivity.

Two of the most common utilities used

to verify a problem with end-to-end
connectivity are ping and traceroute.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Troubleshooting IP Connectivity
Step 1 - Verify the Physical Layer
The show interfaces command is useful
when troubleshooting performance-
related issues and hardware is suspected
to be at fault.

Of interest in the output are the:

• Interface status
• Input queue drops
• Output queue drops
• Input errors
• Output errors

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
Troubleshooting IP Connectivity
Step 2 - Check for Duplex Mismatches
The IEEE 802.3ab Gigabit Ethernet standard mandates the use of autonegotiation for
speed and duplex and practically all Fast Ethernet NICs also use autonegotiation by
default.

Problems can occur when there is a duplex mismatch.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
Troubleshooting IP Connectivity
Step 3 - Verify Addressing on the Local Network
The arp Windows command displays and modifies entries in the ARP cache that are used
to store IPv4 addresses and their resolved Ethernet physical (MAC) addresses.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
Troubleshooting IP Connectivity
Troubleshoot VLAN Assignment Example
Another issue to consider when troubleshooting end-to-end connectivity is VLAN
assignment.
For example, the MAC address on Fa0/1 should The following configuration changes Fa0/1 to
be in VLAN 10 instead of VLAN 1. VLAN 10 and verifies the change.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
Troubleshooting IP Connectivity
Step 4 - Verify Default Gateway
Misconfigured or missing default gateways can cause connectivity problems.

In the figure for example, the default

gateways for:
• R1 is 192.168.1.2 (R2)
• PC1 is 10.1.10.1 (R1 G0/0/0)

Useful commands to verify the default

gateway on:
• R1: show ip route
• PC1: route print (or netstat –r)

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
Troubleshooting IP Connectivity
Troubleshoot IPv6 Default Gateway Example
An IPv6default gateway can be configured manually, using SLAAC, or by using DHCPv6.

For example, a PC is unable to acquire its IPv6 R1 is enabled as an IPv6 router and now the
configuration using SLAAC. The command output verifies that R1 is a member of ff02::2,
output is missing the all IPv6-router multicast the All-IPv6-Routers multicast group.
group (FF02::2).

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52
Troubleshooting IP Connectivity
Step 5 - Verify Correct Path
When troubleshooting, it is often necessary to verify the path to the destination network.

• The figure describes the process for

both the IPv4 and IPv6 routing tables.
• The process of forwarding IPv4 and
IPv6 packets is based on the longest bit
match or longest prefix match.
• The routing table process will attempt to
forward the packet using an entry in the
routing table with the greatest number
of leftmost matching bits.
• The number of matching bits is
indicated by the prefix length of the
route.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53
Troubleshooting IP Connectivity
Step 6 - Verify the Transport Layer
Two of the most common issues that affect transport layer connectivity include ACL
configurations and NAT configurations.
• A common tool for testing transport layer functionality is the Telnet utility.

• For example, the administrator attempts to Telnet to R2 using port 80.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
Troubleshooting IP Connectivity
Step 7 - Verify ACLs
On routers, there may be ACLs that prohibit protocols from passing through the interface
in the inbound or outbound direction.
In this example, ACL 100 has been incorrectly The ACL is removed from G0/0/0 and
configured inbound on the G0/0/0 instead of configured inbound on S0/1/1.
inbound on S0/1/1.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
Troubleshooting IP Connectivity
Step 8 - Verify DNS
The DNS protocol controls the DNS, a distributed database with which you can map
hostnames to IP addresses.
• When you configure DNS on the device, you can substitute the hostname for the IP
address with all IP commands, such as ping or telnet. command output.
• Use the ip host global configuration
command to enter a name to be used
instead of the IPv4 address of the switch
or router, as shown in the command
output.

• Use the nslookup Windows command to

display the name-to-IP-address mapping
information.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56
Troubleshooting IP Connectivity
Packet Tracer - Troubleshoot Enterprise Networks
In this Packet Tracer activity, you complete the following objectives:
• Part 1: Verify Switching Technologies
• Part 2: Verify DHCP
• Part 3: Verify Routing
• Part 4: Verify WAN Technologies
• Part 5: Verify Connectivity

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
12.6 Module Practice and Quiz

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58
Structured Design
Packet Tracer – Network Troubleshooting
In this Packet Tracer activity, you complete the following objectives:
• Test network connectivity.
• Compile host addressing information.
• Remotely access default gateway devices.
• Document default gateway device configurations.
• Discover devices on the network.
• Draw the network topology.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59
Structured Design
Packet Tracer – Troubleshoot Challenge – Use Documentation to
Solve Issues

In this Packet Tracer activity, you complete the following objectives:

• Use various techniques and tools to identify connectivity issues.
• Use documentation to guide troubleshooting efforts.
• Identify specific network problems.
• Implement solutions to network communication problems.
• Verify network operation.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60
Module Practice and Quiz
What did I learn in this module?
• Common network documentation includes physical and logical network topologies, network
device documentation, and network performance baseline documentation.
• The troubleshooting process should be guided by structured methods such as the seven-step
troubleshooting process: (i.e., 1. Define the problem, 2. Gather information, 3. Analyze
information, 4. Eliminate possible causes, 5. Propose hypothesis, 6. Test hypothesis, and 7.
Solve the problem).
• Troubleshooting tools include NMS tools, knowledge bases, baselining tools, protocol
analyzer, digital multimeters, cable testers, cable analyzers, portable network analyzers,
Cisco Prime NAM, and syslog servers.
• Physical layer problems cause failures and suboptimal conditions. Data link layer problems
are typically caused by encapsulation errors, address mapping errors, framing errors, and
STP failures or loops. Network layer problems include IPv4, IPv6, routing protocols (such as
EIGRP, OSPF, etc.). Transport layer problems can be misconfigured NAT or ACLs.
Application layer problems can result in unreachable or unusable resources.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61
Module Practice and Quiz
What did I learn in this module? (Cont.)
• A bottom-up troubleshooting method can be used to solve connectivity problems. Start
verifying the physical layer, check for duplex mismatches, verify addressing and default gateway,
verify that the correct path is taken, and verify the transport layer.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62
Module 12: Network Troubleshooting
New Terms and Commands
• Network topology diagram • Cable testers
• Physical topology • Cable analyzers
• Logical topology • Portable Network Analyzers
• Network device documentation • Cisco Prime NAM
• Network baseline • Syslog
• Troubleshooting processes
• Seven-step troubleshooting process
• Bottom-up troubleshooting approach
• Top-down troubleshooting approach
• Divide-and-Conquer troubleshooting approach
• Follow-the-Path troubleshooting approach
• Substitution troubleshooting approach
• Comparison troubleshooting approach
• Educated Guess troubleshooting approach
• Network management system (NMS) tools
• Protocol analyzers
• Digital multimeters

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 63