You are on page 1of 9

6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore.

com

ICTShore.com (http://www.ictshore.com/)
Search...

HOME (HTTP://WWW.ICTSHORE.COM/) ABOUT (HTTP://WWW.ICTSHORE.COM/ABOUT/) LOG IN (HTTP://WWW.ICTSHORE.COM/WP-LOGIN.PHP)
REGISTER (HTTP://WWW.ICTSHORE.COM/WP-LOGIN.PHP?ACTION=REGISTER)

This is the topology we are going to work in. In the cloud, we have three switches, but we cannot see how they interconnect devices. We need to find out
with troubleshooting.

After that, we hidden all the switches. This way, we cannot simply see where the cable goes. Instead, we must check the configuration on the switches, doing
real switch troubleshooting. We will have to jump on the core device (TopSwitchL3) and then telnet into other switches.

The Requirements
Since this article is all about switch troubleshooting, there is no specific configuration requirement. You won’t implement anything new, but instead you
are going to work with issues. Cisco introduces you to troubleshooting with the concept of ticket, and because of that we will do the same. The technical
term for ticket is, in reality, incident: here’s the definition.

An incident (ticket) is an issue in the infrastructure causing it to behave unexpectedly.

It can be a hardware fault, someone plugging a PC in the wrong port, or anything else you need to fix. Tickets are raised by users complaining that
something do no work, then you need to identify the problem and solve it. For this article, you have three tickets to solve:

1. Users in the Sales office are complaining they cannot print
2. A guy from the Engineering department complains he has no network access
3. A Junior IT Support technician reported strange alerts on RightSwitch when connected via console

Device credentials
To access the peripheral switches (LeftSwitch, CenterSwitch and RightSwitch) contained in the cloud, refer to the following table.

Article continues below the advertisement

http://www.ictshore.com/free­ccna­course/switch­troubleshooting­basics/ 3/11

Troubleshooting can be stressful. do a traceroute to find where in the network the problem is.COM/) ABOUT (HTTP://WWW. Find device(s) having issues 3. as you convince yourself that there is no reason for the problem. The two devices having problem are Laptop0 and Laptop1. if the ping fails. check for users having similar issues. 1. It’s time for you to gather technical details.80. 30-day Free Trial! Access credential Device IP address VTY password Enable secret TopSwitch 10.com (http://www. With this approach. This definition is way far from a punctual problem statement.com/free­ccna­course/switch­troubleshooting­basics/ 4/11 .COM/WP-LOGIN. then cmd for Windows users) and type ipconfig /all .ICTSHORE..0. Define the problem 2. Troubleshoot client issues The first step is going to be “Define the problem” every time. Google is your friend. They will help you a lot in switch troubleshooting.com/) Search. we clarify that they cannot access printers. We need to gather four items: IP address. Downtimes & Malfunctions. HOME (HTTP://WWW. subnet mask and Physical address (mac address). we know that it is unlikely to be a print problem. Write down everything you do. and you might end up performing the same checks again and again.1 . Based on that. This is frustrating.80. Use the divide-and-conquer approach.ICTSHORE. These concepts are fundamentals. We are going to follow these steps for both tickets.ICTSHORE. First. but before we do it we should talk about troubleshooting approaches.80. This is useful for complex issues or infrastructures. After calling users. we arranged it to be optimized for switch troubleshooting. http://www. If you still cannot resolve the issue. You ask the users to open the command prompt (from the Start or with Win+R. Troubleshooting approaches and Tips Some people thing troubleshooting is like an art. but for now we will give you just a few tips. later steps may be followed in a different order.ICTSHORE.COM/ABOUT/) LOG IN (HTTP://WWW.80.ictshore. troubleshooting is a simple task that can be written in form of procedure. check data-link layer and physical connections. the following list is the one that will get you to the problem faster. based on what the problem really is. Nonetheless. talking with the user if necessary.COM/WP-LOGIN. default gateway. However. Then.0.PHP?ACTION=REGISTER) SNMP Monitoring Tool Detect Security Events. We can talk a lot about troubleshooting approaches.0. Check access ports configuration 6. However.com ICTShore. and it shouldn’t be happening. servers and file share on the network.4 ictshore ictshore List of steps Since this is a troubleshooting article. Moreover.ictshore. state the problem clearly.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. Instead. but the two PCs can communicate with one another. we cannot define a specific steps list that will work 100% of the times.. so you won’t be repeating steps. so here is an example of Laptop 0 output.3 ictshore ictshore RightSwitch 10. it is happening. You need to have a plan. Check VLANs configuration 4. Instead. you start in the middle of the OSI layer. check for application problems at upper OSI layers. If the ping is successful. Both users have the same problem. Verify trunk ports configuration 5.0. This mean you start by pinging between the two devices that cannot communicate. We are going to see how right below when working on the tickets. don’t panic.PHP) REGISTER (HTTP://WWW. Ticket #1 Define the problem The first ticket we are going to face is for the PCs in the Sales department that cannot print.2 ictshore ictshore CenterSwitch 10. ictshore LeftSwitch 10. This approach is opposed to the bottom-up approach (starting from the cabling) and the top-down approach (starting from the application).

ICTSHORE.ICTSHORE. but we need to know if they can reach at least their gateway. User 2 is also using a laptop. or if there is a problem with L2 segmentation.ICTSHORE. and we need to find where in the network the issue is. This is the content of the ARP table. HOME (HTTP://WWW. To verify data-link layer.ICTSHORE. we know that IP configuration on the two laptops is correct.1 and the MAC address is 00‐D0‐FF‐ 66‐C6‐A1 . here is what we have learnt.ictshore.255.COM/WP-LOGIN.11 and subnet mask of 255. From that.255. Both pings will fail. we know that these two PCs are somehow isolated.. Verify ARP cache Since pings are failing. Its default gateway is still 10.100.COM/ABOUT/) LOG IN (HTTP://WWW. and we try to ping these two IP addresses.20.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. we need to verify if data-link layer is working as expected. and we are in the same subnet.1 and the MAC address is 00‐E0‐8F‐E1‐5D‐8B . http://www.com/free­ccna­course/switch­troubleshooting­basics/ 5/11 . This is likely to be a network issue.com/) Search. we are checking if our switch was able to resolve the IP addresses to MAC addresses.ictshore.COM/WP-LOGIN.100. In other words. Gathering more information When we face this kind of problem.2. we start by issuing show ip arp just after those pings. With this command. we need to find out where the isolation is. Its default gateway is 10.100.10 and subnet mask of 255.COM/) ABOUT (HTTP://WWW. we jump on the TopSwitchL3.0 .PHP) REGISTER (HTTP://WWW. with IP 10. which is the default gateway.PHP?ACTION=REGISTER) This is the output from Laptptop0 After talking with the user.255.com (http://www. User 1 is using a laptop with IP 10.com ICTShore. Both laptops are not reachable from their default gateway (TopSwitchL3).2.0 . So.100.20..255.

Ping fails as expected. To do it. Verify MAC address table The MAC address table on a switch remembers the association between a MAC address and a physical port of the switch.ff66. but we don’t know if our requests made it to the client. which is 00d0. Just to be sure.PHP?ACTION=REGISTER) Type – ARP encapsulation type.. the device won’t have generated any traffic. This is the content of the MAC address table. way out of scope for this article Interface – On which interface the switch learnt the MAC address Entries that has no age (but a dash instead) are the ones associated switch’s IP addresses. laptops must generate traffic and that traffic must reach the Top switch. Our objective is to find a switch having that MAC address in the MAC address table.COM/WP-LOGIN. It may contain hundreds. identifies the protocol that triggered the ARP request/response process Address – IP address HOMEAge (HTTP://WWW.COM/WP-LOGIN. Even ARP responses are traffic.80. In other words.2. Search. Moreover. Even if ping fails. This mean that ARP requests have been failing.100. we didn’t find any MAC address but the ones of the local switch. In case they didn’t.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. here’s their meaning. ARP requests made from other devices and passing through the switch will be ignored.1 . We need to find if we can reach the peripheral switch. or even thousands of entries in a real-world switch performing routing.ICTSHORE. we are going to connect to LeftSwitch.PHP) Hardware Addr – MAC address associated to the IP address in the same row REGISTER (HTTP://WWW. at least. http://www. As as a result. Checking the previous output.com The command show ip arp presents you the content of the ARP table. we cannot find this MAC address here.com/) several columns. then type telnet 10.com/free­ccna­course/switch­troubleshooting­basics/ 6/11 . The switch will populate that table and keep it up-to-date every time it receives an ethernet frame.COM/) ABOUT – Time in minutes since the (HTTP://WWW. note that this table is populated only from ARP requests the switch made. This command presents you ICTShore.2 and enter the password as required. so we can check the ARP table on the Top switch to see if they made it. our PC has generated some traffic. once again. Then.ICTSHORE. generally “ARPA”. 10. you can find all the bindings between IP addresses and MAC addresses the switch know.com (http://www.c6a1 (in Cisco notation). Nevertheless.ictshore. In other words. to see the MAC address of these laptops on the Top switch. we need to check all the switches. We do it by typing show mac address‐table from the privileged exec prompt.0. jump on Laptop0 and ping the default gateway. so we have a problem at the data-link layer or even below. remain on TopSwitchL3 in privileged exec.. Protocol – Internet stands for IP.ictshore. We are looking for the MAC address of the Laptop0. Now we are sure that communication with the device doing routing is broken.ICTSHORE. issue show mac address‐table and check the results. Since we don’t know to where in the network Laptop0 is. Checking MAC address table on peripheral switches To continue with our switch troubleshooting.ICTSHORE.COM/ABOUT/) entry is in the table LOG IN (HTTP://WWW.

com (http://www. here’s the explanation of show mac address‐table output. We issue show vlan brief to check if the VLAN exists. so it could be potentially a problem of that VLAN. go under the interface GigabitEthernet 0/1 and add the missing VLANs. VLAN 102 is missing from the trunk to TopSwitchL3. Consequently. This must be the problem. As a result.COM/) ABOUT (HTTP://WWW..COM/ABOUT/) LOG IN (HTTP://WWW. Therefore.ictshore. as soon as it finishes. but there might be some problems between LeftSwitch and top switch. Ticket #2 Define the problem http://www. it is connected to the FastEthernet 0/10 port on LeftSwitch. We do that with show interfaces trunk . the needed commands. At this point. try to ping the default gateway from both Laptop1 and Laptop2. This problem prevented all the traffic from devices on LeftSwitch to reach the TopSwitch. we know that the connection between Laptop0 and LeftSwitch is working fine.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. try to discover where Laptop1 is connected on your own.ICTSHORE. HOME (HTTP://WWW. dynamic means from an ethernet frame. Before we check that.COM/WP-LOGIN. interface GigabitEthernet 0/1   switchport trunk allowed vlan add 102   end  Once you typed that.ICTSHORE. all we need to do is enter in configuration mode.PHP?ACTION=REGISTER) This time we found the device we were looking for (highlighted).COM/WP-LOGIN.PHP) REGISTER (HTTP://WWW. and we find that VLAN 102 is the one for Laptops. Checking trunks This problem involves two devices on the same VLAN. Here we are! We found our device. immediately check the MAC address table. static means it was hardcoded Port – Physical port this MAC address was seen on Tip: if you don’t see the MAC address even there. and when you feel confident with what we did move to the next ticket.ICTSHORE. Below. it means the MAC address table aged out. Vlan – the VLAN associated to the MAC address. we need to check if this VLAN goes on the trunk toward TopSwitchL3.com/) Search. was isolated from everything else. Just for the sake of learning. Try again the ping from the Laptop and. this comes from the VLAN associated to the port Mac Address – the MAC address itself Type – How the MAC address was learnt.com ICTShore. Review this configuration.. all devices inside VLAN 102 on LeftSwitches.ICTSHORE.ictshore. the routing core.com/free­ccna­course/switch­troubleshooting­basics/ 7/11 .

and only on that device. We are looking for 0002. Since we saw the MAC address of the laptop coming from that interface.3 and check its MAC address table. ICTShore. So. First thing. we need to know the whereabouts of the PC.80.12 associated with a /24 subnet mask.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. from the command prompt of Laptop2. At a first glance.1 to generate traffic.ICTSHORE.100.2. You will find that this PC has the IP address 10.. and other devices connected to the same switch are working fine too.100. we see than this port is associated to multiple MAC addresses in different VLANs. likely to be connected to another Switch. Gathering additional information HOME (HTTP://WWW.PHP?ACTION=REGISTER) problem is likely to be on the device. Apparently.ictshore.COM/WP-LOGIN.ICTSHORE. the laptop is in VLAN 301 (servers) instead of VLAN 102 (laptops).1 and the MAC address is 0002. immediately check the MAC address table of TopSwitchL3 with show mac address‐table command . the laptop might seem connected to FastEthernet 0/2 on TopSwitchL3. After that.552c . FastEthernet 0/2 is the interface connecting CenterSwitch..COM/WP-LOGIN.154c.com The second ticket in our Switch Troubleshooting is the one from the Engineering guy.552c . the laptop must be connected to that switch.0. To help you. All laptops are working fine.COM/ABOUT/) LOG IN (HTTP://WWW.ICTSHORE. the default gateway is the 10.2. we know that this problem is very limited. Since we know the REGISTER (HTTP://WWW.com (http://www. we are doing switch troubleshooting. http://www. Finding the device in the network This time we will go much faster. We can reach it with telnet 10. log into Laptop2 and.ICTSHORE.com/free­ccna­course/switch­troubleshooting­basics/ 8/11 . This interface is a trunk. so we must look closely. type ipconfig /all . We should check whether it is a trunk using our friend show interfaces trunk . Search. We can see the MAC address of the laptop on TopSwitchL3. However.154c. This time. we know the problem is on Laptop2. it’s time to find it. The problem is clear from there. the one complaining to have no network access.COM/) ABOUT (HTTP://WWW.com/) Therefore. issue a ping toward 10. from the prompt.PHP) Again. Thus. we found it.2. and can be associated to either PC settings or access port settings.ictshore.100.

type terminal monitor .com/free­ccna­course/switch­troubleshooting­basics/ 9/11 . Log into RightSwitch using telnet 10.PHP) REGISTER (HTTP://WWW. we need to find an alternative way. To see the log messages in VTY lines.0. and to disable that use terminal no monitor . interface FastEtherent 0/10   switchport access vlan 102   end  Done. This time we truly found the device.COM/) ABOUT (HTTP://WWW. and pinging again can prove it. However.4 to check those messages. indicates how sever this error is. and we don’t have console access. 4 means warning.ICTSHORE. Interface FastEhternet 0/10 is an access port in VLAN 301. a Junior technician told us about strange messages on RightSwitch.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. since messages normally appear in console only. To put it in VLAN 102.ICTSHORE. Ticket #3 Define the problem For the third ticket of our switch troubleshooting. but analyzing all its sections will make that even clearer.COM/WP-LOGIN.ictshore. If you wait for about 30 seconds with the terminal monitor on. So.PHP?ACTION=REGISTER) Here we are. %CDP‐4‐NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/1 (1).COM/ABOUT/) LOG IN (HTTP://WWW. Fixing Native VLAN Mismatch Let’s analyze the syntax. is the protocol that noticed the error 4 – Severity. This message is extremely clear. %CDP – Cisco Discovery Protocol. with TopSwitchL3 FastEtherent0/3 (99). HOME (HTTP://WWW. we know where the problem is and we just need to check those messages. use the following commands. Here is the CDP error we were looking for.com/) Search. where 0 is the most sever and 7 is debugging.80.com (http://www. as it should be.ictshore.ICTSHORE. you will see a CDP error message as in picture.COM/WP-LOGIN. The problem is fixed.ICTSHORE. NATIVE_VLAN_MISMATCH – The code of the error http://www...com ICTShore. Here’s the whole message.

Just to recap.com/free­ccna­course/switch­troubleshooting­basics/ 10/11 .ICTSHORE. FULL BIO → (HTTP://ICTSHORE. and get your certification fast and easy.COM/WP-LOGIN.ictshore.ictshore.ICTSHORE. Continue to follow our Free CCNA course to learn everything else you need to work in networking. GET YOUR CCNA FASTER Get labs.ictshore.PHP?ACTION=REGISTER) using VLAN 99 – correct – while RightSwitch is using VLAN 1 – wrong.com Native VLAN mismatch discovered – Brief description of the error.com/tag/osi/).com/) on GigabitEthernet0/1 – interface of the local switch (1) – Native VLAN of the local switch Search.ictshore.com/tag/trunk/).com/tag/vlans/) Alessandro Maggio I love delivering first-class network environments.com/tag/cisco-packet-tracer/).com/category/networking-fundamentals/switching/).com/free-ccna-course/cdp-lldp-discover-network-topology/) LEAVE A REPLY http://www... Conclusion Congratulations! We finished our switch troubleshooting successfully. IP (http://www. Specifically.. which I am often able to deploy in a partially-automated fashion by developing process automation scripts. VLANs (http://www.ictshore. it indicates that the native VLAN on one side of a trunk is different from the one set by the other switch ICTShore. Switching (http://www.com/tag/ieee-802-1q/).ictshore.com/free-ccna-course/vlans-configuration-cisco-switch/) How to use CDP and LLDP to discover the network topology → (http://www.com/category/free-ccna-course/).1q (http://www. Cisco IOS commands (http://www.directly to your inbox Your email goes here. With experience increasing.PHP) What this message is trying to say is that the native VLAN on this switch differs with the one on the other side of the trunk.com/category/troubleshooting/)  access ports (http://www. we learnt two powerful commands: show ip arp and show mac address‐table .ictshore. interface GigabitEthernet0/1   switchport trunk native vlan 99   end  Then wait for about a minute.com/tag/cisco-ios- commands/).ictshore.COM/WP-LOGIN.COM/) ABOUTswitch – Native VLAN of the remote (HTTP://WWW. Native VLAN Mismatch (http://www. IEEE 802. To fix this.. Cisco (http://www.ictshore.ICTSHORE. Trunk (http://www. simply add the commands below. Troubleshooting (http://www.com/category/networking-fundamentals/). Networking (http://www.ictshore. Cisco Packet Tracer (http://www. challenges and exclusive content for free .com/tag/configuration/).ictshore. Switching (http://www. now everything works as expected. you won’t see any more message like that.com/tag/cisco/). Configuration (http://www.com/tag/native-vlan-mismatch/).ictshore.com/tag/networking/). Networking Fundamentals (http://www.COM/ABOUT/) ← VLANs Configuration on a Cisco Switch Tutorial (http://www.ictshore. Hands-on Lab (http://www. I do that as a Network Engineer by designing and implementing solutions.ictshore. with TopSwitchL3 – Hostname of the remote switch FastEthernet0/3 – interface of the remote switch HOME(99) (HTTP://WWW.COM/ABOUT/) LOG IN (HTTP://WWW.com/category/hands-on-lab/). Subscribe!  Free CCNA Course (http://www.ictshore.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore. These two commands help you to locate devices in the network. TopSwitchL3 is REGISTER (HTTP://WWW.ictshore.com (http://www.ICTSHORE.ictshore.ictshore.com/tag/access-ports/).ictshore.ictshore.com/tag/switching/).com/tag/ip/). you will become faster and faster in switch troubleshooting tasks. OSI (http://www.ictshore. and perform basic troubleshooting.ictshore.

ictshore. Subscribe! RECENT POSTS Access Lists fundamentals on Cisco Devices (http://www.com/free­ccna­course/switch­troubleshooting­basics/ 11/11 .PHP) REGISTER (HTTP://WWW.ictshore.6/11/2017 Cisco Switch Troubleshooting Basics and Steps list ­ ICTShore.com Your email address will not be published.. Join other professionals now! Your email goes here.com/free-ccna-course/access-lists-fundamentals/) NTP Configuration on Cisco Devices (http://www.PHP?ACTION=REGISTER) Name * Email * Website I'm not a robot reCAPTCHA Privacy .. for free. Stateless and Stateful (http://www.ictshore.ictshore..Terms Post Comment BOOST YOUR KNOWLEDGE We deliver exclusive content to our subscribers.COM/ABOUT/) LOG IN (HTTP://WWW.com (http://www.ictshore.com/free-ccna-course/client-troubleshooting/) ADVERTISEMENT http://www...COM/WP-LOGIN.COM/WP-LOGIN.com/) Start typing.com/free-ccna-course/ntp-configuration/) DHCPv6 Configuration: SLAAC.com/free-ccna-course/cisco-dhcp-server/) Client Troubleshooting: IP and DNS Settings (http://www. Search.ICTSHORE. Required fields are marked * ICTShore.ictshore.ICTSHORE. HOME (HTTP://WWW.COM/) ABOUT (HTTP://WWW.ictshore.ICTSHORE.com/free-ccna-course/dhcpv6-basics/) DHCP Server on Cisco Router: Configure and Troubleshoot (http://www.ICTSHORE.