You are on page 1of 9

6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore.

com

ICTShore.com (http://www.ictshore.com/)
Search...

HOME (HTTP://WWW.ICTSHORE.COM/) ABOUT (HTTP://WWW.ICTSHORE.COM/ABOUT/) LOG IN (HTTP://WWW.ICTSHORE.COM/WP-LOGIN.PHP)
REGISTER (HTTP://WWW.ICTSHORE.COM/WP-LOGIN.PHP?ACTION=REGISTER)

This is the topology we are going to work in. In the cloud, we have three switches, but we cannot see how they interconnect devices. We need to find out
with troubleshooting.

After that, we hidden all the switches. This way, we cannot simply see where the cable goes. Instead, we must check the configuration on the switches, doing
real switch troubleshooting. We will have to jump on the core device (TopSwitchL3) and then telnet into other switches.

The Requirements
Since this article is all about switch troubleshooting, there is no specific configuration requirement. You won’t implement anything new, but instead you
are going to work with issues. Cisco introduces you to troubleshooting with the concept of ticket, and because of that we will do the same. The technical
term for ticket is, in reality, incident: here’s the definition.

An incident (ticket) is an issue in the infrastructure causing it to behave unexpectedly.

It can be a hardware fault, someone plugging a PC in the wrong port, or anything else you need to fix. Tickets are raised by users complaining that
something do no work, then you need to identify the problem and solve it. For this article, you have three tickets to solve:

1. Users in the Sales office are complaining they cannot print
2. A guy from the Engineering department complains he has no network access
3. A Junior IT Support technician reported strange alerts on RightSwitch when connected via console

Device credentials
To access the peripheral switches (LeftSwitch, CenterSwitch and RightSwitch) contained in the cloud, refer to the following table.

Article continues below the advertisement

http://www.ictshore.com/free­ccna­course/switch­troubleshooting­basics/ 3/11

If you still cannot resolve the issue. Instead. check data-link layer and physical connections. Ticket #1 Define the problem The first ticket we are going to face is for the PCs in the Sales department that cannot print. We need to gather four items: IP address. later steps may be followed in a different order. This definition is way far from a punctual problem statement. These concepts are fundamentals. we know that it is unlikely to be a print problem. Moreover. Use the divide-and-conquer approach.COM/WP-LOGIN. and it shouldn’t be happening. After calling users. You ask the users to open the command prompt (from the Start or with Win+R.ictshore. Downtimes & Malfunctions. subnet mask and Physical address (mac address). Troubleshooting approaches and Tips Some people thing troubleshooting is like an art. we clarify that they cannot access printers. However. HOME (HTTP://WWW.com (http://www.com/free­ccna­course/switch­troubleshooting­basics/ 4/11 .2 ictshore ictshore CenterSwitch 10. First. talking with the user if necessary.ictshore. 1. servers and file share on the network.3 ictshore ictshore RightSwitch 10. Verify trunk ports configuration 5.1 . then cmd for Windows users) and type ipconfig /all .COM/ABOUT/) LOG IN (HTTP://WWW.ICTSHORE. so you won’t be repeating steps. With this approach. do a traceroute to find where in the network the problem is. state the problem clearly. This approach is opposed to the bottom-up approach (starting from the cabling) and the top-down approach (starting from the application).ICTSHORE. but for now we will give you just a few tips.PHP) REGISTER (HTTP://WWW.0.80.. the following list is the one that will get you to the problem faster. but the two PCs can communicate with one another. We can talk a lot about troubleshooting approaches. you start in the middle of the OSI layer. Both users have the same problem. if the ping fails. It’s time for you to gather technical details. check for application problems at upper OSI layers.80. Troubleshooting can be stressful. we cannot define a specific steps list that will work 100% of the times. check for users having similar issues. This is useful for complex issues or infrastructures. as you convince yourself that there is no reason for the problem. Nonetheless.ICTSHORE. You need to have a plan. However. based on what the problem really is. Instead. don’t panic.4 ictshore ictshore List of steps Since this is a troubleshooting article.com/) Search. http://www.ICTSHORE. This is frustrating. 30-day Free Trial! Access credential Device IP address VTY password Enable secret TopSwitch 10. Troubleshoot client issues The first step is going to be “Define the problem” every time. we arranged it to be optimized for switch troubleshooting.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. We are going to see how right below when working on the tickets. We are going to follow these steps for both tickets. but before we do it we should talk about troubleshooting approaches. default gateway.PHP?ACTION=REGISTER) SNMP Monitoring Tool Detect Security Events. The two devices having problem are Laptop0 and Laptop1. Find device(s) having issues 3. Define the problem 2. and you might end up performing the same checks again and again. Based on that. troubleshooting is a simple task that can be written in form of procedure. it is happening.80..0. They will help you a lot in switch troubleshooting. Google is your friend. Check VLANs configuration 4.0.COM/WP-LOGIN. Check access ports configuration 6.COM/) ABOUT (HTTP://WWW. This mean you start by pinging between the two devices that cannot communicate. so here is an example of Laptop 0 output. Write down everything you do. Then.0.com ICTShore. If the ping is successful.80. ictshore LeftSwitch 10.

100. Both laptops are not reachable from their default gateway (TopSwitchL3). here is what we have learnt. and we try to ping these two IP addresses.ictshore. we are checking if our switch was able to resolve the IP addresses to MAC addresses.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore.. we know that IP configuration on the two laptops is correct. we need to verify if data-link layer is working as expected. To verify data-link layer. This is likely to be a network issue. we jump on the TopSwitchL3.255.0 .20. Gathering more information When we face this kind of problem.com (http://www. Its default gateway is still 10.ICTSHORE.255.255.com ICTShore.10 and subnet mask of 255.2. Both pings will fail. User 1 is using a laptop with IP 10. we start by issuing show ip arp just after those pings. with IP 10.COM/) ABOUT (HTTP://WWW.2.ICTSHORE.ICTSHORE. but we need to know if they can reach at least their gateway.100.com/free­ccna­course/switch­troubleshooting­basics/ 5/11 . This is the content of the ARP table. Verify ARP cache Since pings are failing.PHP) REGISTER (HTTP://WWW. HOME (HTTP://WWW.1 and the MAC address is 00‐D0‐FF‐ 66‐C6‐A1 . we know that these two PCs are somehow isolated.100.11 and subnet mask of 255. and we are in the same subnet.20.ICTSHORE.PHP?ACTION=REGISTER) This is the output from Laptptop0 After talking with the user. and we need to find where in the network the issue is. From that.com/) Search. Its default gateway is 10..ictshore. User 2 is also using a laptop. With this command. So. which is the default gateway.100.255.COM/WP-LOGIN.0 .1 and the MAC address is 00‐E0‐8F‐E1‐5D‐8B .COM/ABOUT/) LOG IN (HTTP://WWW. or if there is a problem with L2 segmentation.COM/WP-LOGIN. http://www. In other words. we need to find out where the isolation is.

Now we are sure that communication with the device doing routing is broken.c6a1 (in Cisco notation).. This is the content of the MAC address table. Since we don’t know to where in the network Laptop0 is. Ping fails as expected. We are looking for the MAC address of the Laptop0.1 . at least. here’s their meaning.com (http://www.ICTSHORE. or even thousands of entries in a real-world switch performing routing. our PC has generated some traffic. Moreover. Nevertheless. http://www.COM/WP-LOGIN. which is 00d0. but we don’t know if our requests made it to the client.com/) several columns. once again. Search. It may contain hundreds. Our objective is to find a switch having that MAC address in the MAC address table.2 and enter the password as required.PHP?ACTION=REGISTER) Type – ARP encapsulation type. We do it by typing show mac address‐table from the privileged exec prompt. the device won’t have generated any traffic. In other words. way out of scope for this article Interface – On which interface the switch learnt the MAC address Entries that has no age (but a dash instead) are the ones associated switch’s IP addresses. so we have a problem at the data-link layer or even below. The switch will populate that table and keep it up-to-date every time it receives an ethernet frame. Verify MAC address table The MAC address table on a switch remembers the association between a MAC address and a physical port of the switch. ARP requests made from other devices and passing through the switch will be ignored. In case they didn’t. we cannot find this MAC address here.ICTSHORE. We need to find if we can reach the peripheral switch.ICTSHORE. we didn’t find any MAC address but the ones of the local switch.com/free­ccna­course/switch­troubleshooting­basics/ 6/11 . jump on Laptop0 and ping the default gateway.2.0. we are going to connect to LeftSwitch.COM/) ABOUT – Time in minutes since the (HTTP://WWW.ICTSHORE. you can find all the bindings between IP addresses and MAC addresses the switch know. 10.ictshore. Then. To do it. Checking the previous output. In other words. laptops must generate traffic and that traffic must reach the Top switch.com The command show ip arp presents you the content of the ARP table.ff66. Protocol – Internet stands for IP. we need to check all the switches.. As as a result.80. Checking MAC address table on peripheral switches To continue with our switch troubleshooting. Just to be sure. note that this table is populated only from ARP requests the switch made. then type telnet 10. This mean that ARP requests have been failing. remain on TopSwitchL3 in privileged exec.100. identifies the protocol that triggered the ARP request/response process Address – IP address HOMEAge (HTTP://WWW. issue show mac address‐table and check the results. generally “ARPA”. This command presents you ICTShore.PHP) Hardware Addr – MAC address associated to the IP address in the same row REGISTER (HTTP://WWW.ictshore. Even if ping fails.COM/WP-LOGIN.COM/ABOUT/) entry is in the table LOG IN (HTTP://WWW. Even ARP responses are traffic. to see the MAC address of these laptops on the Top switch.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. so we can check the ARP table on the Top switch to see if they made it.

all we need to do is enter in configuration mode.COM/ABOUT/) LOG IN (HTTP://WWW. so it could be potentially a problem of that VLAN. HOME (HTTP://WWW. Review this configuration. it means the MAC address table aged out. try to discover where Laptop1 is connected on your own. immediately check the MAC address table. we need to check if this VLAN goes on the trunk toward TopSwitchL3. all devices inside VLAN 102 on LeftSwitches. Try again the ping from the Laptop and. was isolated from everything else. VLAN 102 is missing from the trunk to TopSwitchL3.ICTSHORE. Below. but there might be some problems between LeftSwitch and top switch. Ticket #2 Define the problem http://www.ictshore. interface GigabitEthernet 0/1   switchport trunk allowed vlan add 102   end  Once you typed that.COM/WP-LOGIN. Here we are! We found our device..ICTSHORE.ictshore.PHP) REGISTER (HTTP://WWW. Consequently.ICTSHORE.PHP?ACTION=REGISTER) This time we found the device we were looking for (highlighted). static means it was hardcoded Port – Physical port this MAC address was seen on Tip: if you don’t see the MAC address even there. and we find that VLAN 102 is the one for Laptops. This must be the problem.COM/) ABOUT (HTTP://WWW.com ICTShore. this comes from the VLAN associated to the port Mac Address – the MAC address itself Type – How the MAC address was learnt. dynamic means from an ethernet frame. here’s the explanation of show mac address‐table output. This problem prevented all the traffic from devices on LeftSwitch to reach the TopSwitch. as soon as it finishes. try to ping the default gateway from both Laptop1 and Laptop2.com/free­ccna­course/switch­troubleshooting­basics/ 7/11 . Before we check that. we know that the connection between Laptop0 and LeftSwitch is working fine. it is connected to the FastEthernet 0/10 port on LeftSwitch. and when you feel confident with what we did move to the next ticket. At this point.ICTSHORE. As a result. Therefore. the routing core.com/) Search. Vlan – the VLAN associated to the MAC address.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. Checking trunks This problem involves two devices on the same VLAN. the needed commands. go under the interface GigabitEthernet 0/1 and add the missing VLANs. We do that with show interfaces trunk . Just for the sake of learning..com (http://www. We issue show vlan brief to check if the VLAN exists.COM/WP-LOGIN.

com/) Therefore.0. likely to be connected to another Switch. You will find that this PC has the IP address 10. First thing. Since we know the REGISTER (HTTP://WWW. To help you.COM/WP-LOGIN. type ipconfig /all . Since we saw the MAC address of the laptop coming from that interface. Apparently.PHP?ACTION=REGISTER) problem is likely to be on the device.ictshore. http://www.ICTSHORE. from the command prompt of Laptop2.COM/) ABOUT (HTTP://WWW. the laptop might seem connected to FastEthernet 0/2 on TopSwitchL3. Thus. the laptop is in VLAN 301 (servers) instead of VLAN 102 (laptops). Gathering additional information HOME (HTTP://WWW. we know the problem is on Laptop2. FastEthernet 0/2 is the interface connecting CenterSwitch.com (http://www. This interface is a trunk. However.com The second ticket in our Switch Troubleshooting is the one from the Engineering guy. ICTShore. We can reach it with telnet 10. the one complaining to have no network access.100. log into Laptop2 and. At a first glance.ictshore.. we need to know the whereabouts of the PC.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. the default gateway is the 10. we are doing switch troubleshooting. the laptop must be connected to that switch. we see than this port is associated to multiple MAC addresses in different VLANs.80.PHP) Again.100. from the prompt.154c. All laptops are working fine. we found it.COM/ABOUT/) LOG IN (HTTP://WWW.1 and the MAC address is 0002. so we must look closely. We should check whether it is a trunk using our friend show interfaces trunk . we know that this problem is very limited.2.com/free­ccna­course/switch­troubleshooting­basics/ 8/11 . and other devices connected to the same switch are working fine too. and only on that device.COM/WP-LOGIN.552c .3 and check its MAC address table.154c. The problem is clear from there.ICTSHORE. We can see the MAC address of the laptop on TopSwitchL3. immediately check the MAC address table of TopSwitchL3 with show mac address‐table command .552c . After that..2. Finding the device in the network This time we will go much faster. This time. and can be associated to either PC settings or access port settings.ICTSHORE. issue a ping toward 10.2.1 to generate traffic.12 associated with a /24 subnet mask. We are looking for 0002.100.ICTSHORE. So. Search. it’s time to find it.

PHP?ACTION=REGISTER) Here we are.com/) Search.COM/WP-LOGIN. %CDP – Cisco Discovery Protocol.. If you wait for about 30 seconds with the terminal monitor on.4 to check those messages. since messages normally appear in console only.COM/ABOUT/) LOG IN (HTTP://WWW.com (http://www. This message is extremely clear. Log into RightSwitch using telnet 10. To see the log messages in VTY lines.ICTSHORE.0. is the protocol that noticed the error 4 – Severity. as it should be. where 0 is the most sever and 7 is debugging. %CDP‐4‐NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/1 (1). with TopSwitchL3 FastEtherent0/3 (99). Ticket #3 Define the problem For the third ticket of our switch troubleshooting. NATIVE_VLAN_MISMATCH – The code of the error http://www. Fixing Native VLAN Mismatch Let’s analyze the syntax. but analyzing all its sections will make that even clearer.ICTSHORE. you will see a CDP error message as in picture.COM/WP-LOGIN. a Junior technician told us about strange messages on RightSwitch.com/free­ccna­course/switch­troubleshooting­basics/ 9/11 . 4 means warning. use the following commands. This time we truly found the device.PHP) REGISTER (HTTP://WWW. However. indicates how sever this error is.ICTSHORE. and pinging again can prove it. Interface FastEhternet 0/10 is an access port in VLAN 301. and we don’t have console access. type terminal monitor .com ICTShore. So.COM/) ABOUT (HTTP://WWW.. and to disable that use terminal no monitor . The problem is fixed. HOME (HTTP://WWW. we need to find an alternative way.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. To put it in VLAN 102.ICTSHORE.80. Here’s the whole message.ictshore.ictshore. we know where the problem is and we just need to check those messages. Here is the CDP error we were looking for. interface FastEtherent 0/10   switchport access vlan 102   end  Done.

I do that as a Network Engineer by designing and implementing solutions.ictshore. To fix this.com Native VLAN mismatch discovered – Brief description of the error.COM/WP-LOGIN. OSI (http://www. and perform basic troubleshooting. Networking (http://www.ICTSHORE.com/tag/trunk/).ictshore. TopSwitchL3 is REGISTER (HTTP://WWW.ictshore.com/tag/ip/).1q (http://www.ictshore..ictshore. Continue to follow our Free CCNA course to learn everything else you need to work in networking.ICTSHORE. These two commands help you to locate devices in the network.com/tag/switching/). simply add the commands below.com/tag/configuration/). Just to recap.ictshore. FULL BIO → (HTTP://ICTSHORE.com/category/networking-fundamentals/).ictshore. you won’t see any more message like that. Cisco (http://www. Switching (http://www. with TopSwitchL3 – Hostname of the remote switch FastEthernet0/3 – interface of the remote switch HOME(99) (HTTP://WWW.ictshore.PHP) What this message is trying to say is that the native VLAN on this switch differs with the one on the other side of the trunk. With experience increasing.com/tag/native-vlan-mismatch/).. IEEE 802. it indicates that the native VLAN on one side of a trunk is different from the one set by the other switch ICTShore.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. Hands-on Lab (http://www.ictshore.com/tag/cisco-packet-tracer/). Trunk (http://www.com/tag/access-ports/). VLANs (http://www.com/tag/vlans/) Alessandro Maggio I love delivering first-class network environments. Subscribe!  Free CCNA Course (http://www.com (http://www. GET YOUR CCNA FASTER Get labs. Configuration (http://www. Troubleshooting (http://www.COM/) ABOUTswitch – Native VLAN of the remote (HTTP://WWW.ictshore. Networking Fundamentals (http://www. Switching (http://www.com/category/free-ccna-course/). now everything works as expected.COM/ABOUT/) LOG IN (HTTP://WWW.com/free-ccna-course/vlans-configuration-cisco-switch/) How to use CDP and LLDP to discover the network topology → (http://www. we learnt two powerful commands: show ip arp and show mac address‐table .com/category/networking-fundamentals/switching/).com/tag/osi/).com/tag/ieee-802-1q/). IP (http://www. challenges and exclusive content for free .ictshore. you will become faster and faster in switch troubleshooting tasks.ictshore.com/tag/cisco/).directly to your inbox Your email goes here.ICTSHORE.com/) on GigabitEthernet0/1 – interface of the local switch (1) – Native VLAN of the local switch Search.com/free­ccna­course/switch­troubleshooting­basics/ 10/11 . and get your certification fast and easy.com/tag/networking/).com/category/hands-on-lab/).COM/WP-LOGIN. Cisco Packet Tracer (http://www.ictshore. which I am often able to deploy in a partially-automated fashion by developing process automation scripts.ictshore..ictshore..com/tag/cisco-ios- commands/). Specifically. Native VLAN Mismatch (http://www. Conclusion Congratulations! We finished our switch troubleshooting successfully.ictshore. Cisco IOS commands (http://www.ictshore.COM/ABOUT/) ← VLANs Configuration on a Cisco Switch Tutorial (http://www.ictshore.com/free-ccna-course/cdp-lldp-discover-network-topology/) LEAVE A REPLY http://www.ictshore.PHP?ACTION=REGISTER) using VLAN 99 – correct – while RightSwitch is using VLAN 1 – wrong.ictshore.ictshore.com/category/troubleshooting/)  access ports (http://www.ictshore.ICTSHORE. interface GigabitEthernet0/1   switchport trunk native vlan 99   end  Then wait for about a minute.

.COM/ABOUT/) LOG IN (HTTP://WWW.PHP) REGISTER (HTTP://WWW. Stateless and Stateful (http://www.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore.ictshore.com/free-ccna-course/cisco-dhcp-server/) Client Troubleshooting: IP and DNS Settings (http://www..com/free-ccna-course/client-troubleshooting/) ADVERTISEMENT http://www.COM/) ABOUT (HTTP://WWW.. Required fields are marked * ICTShore..com Your email address will not be published.ICTSHORE.ictshore. for free.com/free-ccna-course/access-lists-fundamentals/) NTP Configuration on Cisco Devices (http://www.ictshore.com/free­ccna­course/switch­troubleshooting­basics/ 11/11 . Join other professionals now! Your email goes here.Terms Post Comment BOOST YOUR KNOWLEDGE We deliver exclusive content to our subscribers.ICTSHORE.COM/WP-LOGIN.COM/WP-LOGIN. Subscribe! RECENT POSTS Access Lists fundamentals on Cisco Devices (http://www.com (http://www.com/) Start typing.com/free-ccna-course/dhcpv6-basics/) DHCP Server on Cisco Router: Configure and Troubleshoot (http://www.PHP?ACTION=REGISTER) Name * Email * Website I'm not a robot reCAPTCHA Privacy . Search.ictshore.ictshore. HOME (HTTP://WWW.ICTSHORE.ictshore.ictshore.ICTSHORE..com/free-ccna-course/ntp-configuration/) DHCPv6 Configuration: SLAAC.