Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192
You can use the ping and traceroute commands to test connectivity to remote devices, and
both of them can be used with many protocols, not just IP. But don’t forget that the show ip
272 Chapter 4 Configure, verify, and troubleshoot basic router operation
route command is a good troubleshooting command for verifying your routing table, and the
show interfaces command will show you the status of each interface.
I am going to go over both the debug command and the show processes command you
need to troubleshoot a router.
Using the ping Command
So far, you’ve seen many examples of pinging devices to test IP connectivity and name resolution
using the DNS server. To see all the different protocols that you can use with the ping
program, type ping ?:
Corp#ping ?
WORD Ping destination address or hostname
clns CLNS echo
ip IP echo
srb srb echo
tag Tag encapsulated IP echo
<cr>
The ping output displays the minimum, average, and maximum times it takes for a ping
packet to find a specified system and return. Here’s an example:
Corp#ping R1
Translating "R1"...domain server (192.168.0.70)[OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.2.2, timeout
is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max
= 1/2/4 ms
Corp#
You can see that the DNS server was used to resolve the name, and the device was pinged in
1 ms (millisecond), an average of 2 ms, and up to 4 ms.
The ping command can be used in user and privileged mode but not configuration
mode.
4.16 Verify router hardware and software operation using the SHOW and DEBUG 273
Pinging with SDM
Unlike the Telnet option in SDM, we at least have a screen we can use to choose an option or two.
Once you choose Tools Ping, you receive the following screen:
274 Chapter 4 Configure, verify, and troubleshoot basic router operation
From here you can choose the source interface to ping from, which is a nice option. Enter
your destination and then click Ping.
Using the traceroute Command
Traceroute (the traceroute command, or trace for short) shows the path a packet takes to
get to a remote device. It uses time to live (TTL) time-outs and ICMP error messages to outline
the path a packet takes through an internetwork to arrive at remote host.
Trace (the trace command) that can be used from either user mode or privileged mode
allows you to figure out which router in the path to an unreachable network host should be
examined more closely for the cause of the network’s failure.
To see the protocols that you can use with the traceroute command, type traceroute ?:
Corp#traceroute ?
WORD Trace route to destination address or hostname
appletalk AppleTalk Trace
clns ISO CLNS Trace
ip IP Trace
ipv6 IPv6 Trace
ipx IPX Trace
<cr>
The trace command shows the hop or hops that a packet traverses on its way to a remote
device. Here’s an example:
Corp#traceroute r1
Type escape sequence to abort.
Tracing the route to R1 (10.2.2.2)
1 R1 (10.2.2.2) 4 msec * 0 msec
Corp#
You can see that the packet went through only one hop to find the destination.
Do not get confused! You can’t use the tracert command—it’s a Windows
command. For a router, use the traceroute command!
Here’s an example of using tracert from a Windows DOS prompt (notice the command
tracert!):
C:\>tracert www.whitehouse.gov
Tracing route to a1289.g.akamai.net [69.8.201.107]
4.16 Verify router hardware and software operation using the SHOW and DEBUG 275
over a maximum of 30 hops:
1 * * * Request timed out.
2 53 ms 61 ms 53 ms hlrn-dsl-gw15-207.hlrn.qwest.net
[207.225.112.207]
3 53 ms 55 ms 54 ms hlrn-agw1.inet.qwest.net [71.217.188.113]
4 54 ms 53 ms 54 ms hlr-core-01.inet.qwest.net [205.171.253.97]
5 54 ms 53 ms 54 ms apa-cntr-01.inet.qwest.net [205.171.253.26]
6 54 ms 53 ms 53 ms 63.150.160.34
7 54 ms 54 ms 53 ms www.whitehouse.gov [69.8.201.107]
Trace complete.
Okay, let’s move on now and talk about how to troubleshoot your network using the
debug command.
Debugging
Debug is a troubleshooting command that’s available from the privileged exec mode of Cisco
IOS. It’s used to display information about various router operations and the related traffic
generated or received by the router, plus any error messages.
It’s a useful and informative tool, but you really need to understand some important facts
about its use. Debug is regarded as a very high-priority task because it can consume a huge
amount of resources and the router is forced to process-switch the packets being debugged. So,
you don’t just use Debug as a monitoring tool—it’s meant to be used for a short period of time
and only as a troubleshooting tool. By using it, you can really find out some truly significant
facts about both working and faulty software and/or hardware components.
Because debugging output takes priority over other network traffic, and because the debug
all command generates more output than any other debug command, it can severely diminish
the router’s performance—even render it unusable. So, in virtually all cases, it’s best to use
more-specific debug commands.
As you can see from the following output, you can’t enable debugging from user mode, only
privileged mode:
Corp>debug ?
% Unrecognized command
Corp>en
Corp#debug ?
aaa AAA Authentication, Authorization and Accounting
access-expression Boolean access expression
adjacency adjacency
all Enable all debugging
[output cut]
276 Chapter 4 Configure, verify, and troubleshoot basic router operation
If you’ve got the freedom to pretty much take out a router and you really want to have some
fun with debugging, use the debug all command:
Corp#debug all
This may severely impact network performance. Continue? (yes/[no]):yes
All possible debugging has been turned on
2d20h: SNMP: HC Timer 824AE5CC fired
2d20h: SNMP: HC Timer 824AE5CC rearmed, delay = 20000
2d20h: Serial0/0: HDLC myseq 4, mineseen 0, yourseen 0, line down
2d20h:
2d20h: Rudpv1 Sent: Pkts 0, Data Bytes 0, Data Pkts 0
2d20h: Rudpv1 Rcvd: Pkts 0, Data Bytes 0, Data Pkts 0
2d20h: Rudpv1 Discarded: 0, Retransmitted 0
2d20h:
2d20h: RIP-TIMER: periodic timer expired
2d20h: Serial0/0: HDLC myseq 5, mineseen 0, yourseen 0, line down
2d20h: Serial0/0: attempting to restart
2d20h: PowerQUICC(0/0): DCD is up.
2d20h: is_up: 0 state: 4 sub state: 1 line: 0
2d20h:
2d20h: Rudpv1 Sent: Pkts 0, Data Bytes 0, Data Pkts 0
2d20h: Rudpv1 Rcvd: Pkts 0, Data Bytes 0, Data Pkts 0
2d20h: Rudpv1 Discarded: 0, Retransmitted 0
2d20h: un all
All possible debugging has been turned off
Corp#
To disable debugging on a router, just use the command no in front of the debug command:
Corp#no debug all
But I typically just use the undebug all command, since it is so easy when using the shortcut:
Corp#un all
Remember that instead of using the debug all command, it’s almost always better to
use specific commands—and only for short periods of time. Here’s an example of deploying
debug ip rip that will show you RIP updates being sent and received on a router:
Corp#debug ip rip
RIP protocol debugging is on
4.16 Verify router hardware and software operation using the SHOW and DEBUG 277
Corp#
1w4d: RIP: sending v2 update to 224.0.0.9 via Serial0/0 (192.168.12.1)
1w4d: RIP: build update entries
1w4d: 10.10.10.0/24 via 0.0.0.0, metric 2, tag 0
1w4d: 171.16.125.0/24 via 0.0.0.0, metric 3, tag 0
1w4d: 172.16.12.0/24 via 0.0.0.0, metric 1, tag 0
1w4d: 172.16.125.0/24 via 0.0.0.0, metric 3, tag 0
1w4d: RIP: sending v2 update to 224.0.0.9 via Serial0/2 (172.16.12.1)
1w4d: RIP: build update entries
1w4d: 192.168.12.0/24 via 0.0.0.0, metric 1, tag 0
1w4d: 192.168.22.0/24 via 0.0.0.0, metric 2, tag 0
1w4d: RIP: received v2 update from 192.168.12.2 on Serial0/0
1w4d: 192.168.22.0/24 via 0.0.0.0 in 1 hops
Corp#un all
I’m sure you can see that the debug command is one powerful command. And because of
this, I’m also sure you realize that before you use any of the debugging commands, you should
make sure you check the utilization of your router. This is important because in most cases,
you don’t want to negatively impact the device’s ability to process the packets through on your
internetwork. You can determine a specific router’s utilization information by using the show
processes command.
Remember, when you telnet into a remote device, you will not see console
messages by default! For example, you will not see debugging output. To
allow console messages to be sent to your Telnet session, use the terminal
monitor command.
Using the show processes Command
As mentioned in the previous section, you’ve really got to be careful when using the debug
command on your devices. If your router’s CPU utilization is consistently at 50 percent or
more, it’s probably not a good idea to type in the debug all command unless you want to see
what a router looks like when it crashes!
So, what other approaches can you use? Well, the show processes (or show processes
cpu) is a good tool for determining a given router’s CPU utilization. Plus, it’ll give you a list
of active processes along with their corresponding process ID, priority, scheduler test (status),
CPU time used, number of times invoked, and so on. Lots of great stuff! Plus, this command
is super-handy when you want to evaluate your router’s performance and CPU utilization—
for instance, when you find yourself otherwise tempted to reach for the debug command.
Okay—what do you see in the output below? The first line shows the CPU utilization output
for the last 5 seconds, 1 minute, and 5 minutes. The output provides 2%/0% in front of
278 Chapter 4 Configure, verify, and troubleshoot basic router operation
the CPU utilization for the last 5 seconds. The first number equals the total utilization and the
second one delimits the utilization due to interrupt routines:
Corp#sh processes
CPU utilization for five seconds: 2%/0%; one minute: 0%; five minutes: 0%
PID QTy PC Runtime (ms) Invoked uSecs Stacks TTY Process
1 Cwe 8034470C 0 1 0 5804/6000 0 Chunk Manager
2 Csp 80369A88 4 1856 2 2616/3000 0 Load Meter
3 M* 0 112 14 800010656/12000 0 Exec
5 Lst 8034FD9C 268246 52101 5148 5768/6000 0 Check heaps
6 Cwe 80355E5C 20 3 6666 5704/6000 0 Pool Manager
7 Mst 802AC3C4 0 2 0 5580/6000 0 Timers
[output cut]
So basically, the output from the show processes command shows that our router is happily
able to process debugging commands without being overloaded.
Exam Objectives
Remember the difference between the command traceroute and tracert. The command
trace (or traceroute) is used with Cisco routers, switches, and Unix devices, among others.
However, the command tracert is used on Windows devices from the DOS prompt.
Remember the command to use before using debugging on a router. Before using any
debug command on a router, you should verify the CPU utilization, using the show
processes command.
No comments:
Post a Comment