Troubleshooting TCP/IP – Show and Debug

Lab 4.6.3: Troubleshooting TCP/IP – Show and Debug SanJose1 S0/0 S0/0 SanJose2 #1 192.168.1.10 192.168.2.10 #2 Objective There are many commands that are useful for troubleshooting TCP/IP. It is likely that you have used some of them in earlier classes. In this exercise you will look at some options, but we will save most commands for later chapters when you are looking at specific protocols. This lab covers: • show commands • debug commands Warning: The debug command because of its heavy use of CPU cycles can be devastating to a production router’s performance. It is possible that a command such as debug IP packet running, during a moderate to heavy traffic period could literally consume all CPU cycles and effectively stop routing, resulting in discarded frames. This discussion is included primarily as a tool to help you visualize how and why certain network processes occur. We will also look at options that can reduce the impact of the debug commands. Scenario You have been asked to consult on a small network and offer suggestions on how performance might be improved. You are gathering information about the network. Note: The configuration file used for this lab will be used for other module 4 labs, so please do not change any configuration settings. The configuration contains several components for testing purposes and is not intended to represent a good production configuration. 1-1 Semester 8 Internetwork Troubleshooting v1.0 - Lab 4.6.3 Copyright  2001, Cisco Systems, Inc. If the lab is done in pairs, each person can run the lab steps each may get slightly different results. It might be beneficial to coordinate your efforts and compare results. Step 1 Cable the lab as shown in the diagram. Load the configuration files Lab4-6-3-SanJose1Config.txt and Lab4-6-3-SanJose2Config.txt into the appropriate routers. Configure the workstations as follows (same as the last lab): Host #1 IP Address: 192.168.1.10 Subnet mask: 255.255.255.0 Default Gateway: 192.168.1.1 Host #2 IP Address: 192.168.2.10 Subnet mask: 255.255.255.0 Default Gateway: 192.168.2.1 Step 2 The show ip access-list and clear ip access-list counters commands On either router type show ip access-list and look over the results. You may notice a message indicating matches after some entries like those highlighted below: SanJose1#show ip access-list Standard IP access list 50 deny 192.168.60.0, wildcard bits 0.0.0.255 deny 192.168.70.0, wildcard bits 0.0.0.255 deny 192.168.80.64, wildcard bits 0.0.0.31 permit any Extended IP access list 100 deny tcp any 192.168.90.0 0.0.0.255 eq www deny tcp any 192.168.90.0 0.0.0.255 eq ftp deny tcp any 192.168.91.0 0.0.0.255 eq www deny tcp any 192.168.91.0 0.0.0.255 eq ftp deny icmp any host 192.168.60.1 permit ip any any (8571 matches) Extended IP access list protect_acctg_servers deny tcp 192.168.60.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www deny tcp 192.168.70.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www deny tcp 192.168.80.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www deny tcp 192.168.90.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www deny tcp 192.168.91.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www permit ip any any (44294 matches) SanJose1# These “matches” messages indicate the results of the access list since the last time the counters were cleared or the router rebooted. The clear ip access-list counters command can be used to clear the counters. Try it. You may find that like the following example a routing update or some other activity immediately started the counters again. SanJose1#clear ip access-list counters SanJose1#show ip access-list 2-2 Semester 8 Internetwork Troubleshooting v1.0 - Lab 4.6.3 Copyright  2001, Cisco Systems, Inc. Standard IP access list 50 deny 192.168.60.0, wildcard bits 0.0.0.255 deny 192.168.70.0, wildcard bits 0.0.0.255 deny 192.168.80.64, wildcard bits 0.0.0.31 permit any Extended IP access list 100 deny tcp any 192.168.90.0 0.0.0.255 eq www deny tcp any 192.168.90.0 0.0.0.255 eq ftp deny tcp any 192.168.91.0 0.0.0.255 eq www deny tcp any 192.168.91.0 0.0.0.255 eq ftp deny icmp any host 192.168.60.1 permit ip any any Extended IP access list protect_acctg_servers deny tcp 192.168.60.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www deny tcp 192.168.70.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www deny tcp 192.168.80.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www deny tcp 192.168.90.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www deny tcp 192.168.91.0 0.0.0.255 192.168.10.0 0.0.0.7 eq www permit ip any any (5 matches) SanJose1# Step 3 The show ip arp command. Type the show ip arp command and look over the results. Notice that only the LAN interfaces and any hosts connected to them appear in the ARP table. You also get the MAC address, encapsulation type, and the local interface to which the address has been mapped. There is a show arp command that seems to yield the same result. SanJose1#show ip arp Protocol Address Internet 192.168.1.10 Internet 192.168.1.1 Internet 192.168.4.1 SanJose1# Age (min) 1 -- Hardware Addr Type 00a0.cc23.fe40 ARPA 0010.7b3a.3f60 ARPA 0010.7b3a.3f60 ARPA Interface Ethernet0 Ethernet0 Ethernet0 Type the show appletalk arp command and look over the results. You should only get a single entry unless you have attached some Mac hosts. SanJose1#show appletalk arp Address Age (min) Type 57.76 - Hardware SanJose1# Hardware Addr Encap 0010.7b3a.3f60.0000 SNAP Interface Ethernet0 An attempt to type the show ipx arp command will remind you that IPX does not use ARP. Step 4 The show ip route command. Type the show ip route command to display the IP route table. Because of a series of loopback addresses and a variety of protocols configured on both routers, you should see a pretty extensive display. Note that on SanJose1 there are some EX - EIGRP external and IA - OSPF inter area routes. SanJose1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 3-3 Semester 8 Internetwork Troubleshooting v1.0 - Lab 4.6.3 Copyright  2001, Cisco Systems, Inc. * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set R 192.168.91.0/24 [120/1] via 192.168.0.2, 00:00:21, Serial0 R 192.168.90.0/24 [120/1] via 192.168.0.2, 00:00:21, Serial0 C 192.168.30.0/24 is directly connected, Loopback2 D EX 192.168.60.0/24 [170/2297856] via 192.168.0.2, 05:49:49, Serial0 C 192.168.10.0/24 is directly connected, Loopback0 C 192.168.40.0/24 is directly connected, Loopback3 192.168.95.0/32 is subnetted, 1 subnets O IA 192.168.95.1 [110/65] via 192.168.0.2, 05:49:49, Serial0 C 192.168.4.0/24 is directly connected, Ethernet0 D 192.168.80.0/24 [90/2297856] via 192.168.0.2, 05:49:49, Serial0 C 192.168.20.0/24 is directly connected, Loopback1 192.168.96.0/32 is subnetted, 1 subnets O IA 192.168.96.1 [110/65] via 192.168.0.2, 05:49:50, Serial0 C 192.168.0.0/24 is directly connected, Serial0 C 192.168.50.0/24 is directly connected, Loopback4 C 192.168.1.0/24 is directly connected, Ethernet0 R 192.168.2.0/24 [120/1] via 192.168.0.2, 00:00:24, Serial0 D EX 192.168.70.0/24 [170/2297856] via 192.168.0.2, 05:49:51, Serial0 R 192.168.3.0/24 [120/1] via 192.168.0.2, 00:00:24, Serial0 SanJose1# Type the show ip route summary command to see the routes summarized plus overhead and bytes used. Note that it also provides an additional summary of OSPF network information. SanJose1#show ip route summary IP routing table name is Default-IP-Routing-Table(0) Route Source Networks Subnets Overhead Memory (bytes) connected 8 0 416 1120 static 0 0 0 0 eigrp 90 3 0 156 420 ospf 100 0 2 104 280 Intra-area: 0 Inter-area: 2 External-1: 0 External-2: 0 rip 4 0 208 560 igrp 90 0 0 0 0 internal 2 2320 Total 17 2 884 4700 Type the show ip route ? command to see the parameter options available. Adding parameters like connected, static, or the routing protocols filters the output. SanJose1#show ip route ? bgp Border Gateway Protocol (BGP) connected Connected egp Exterior Gateway Protocol (EGP) eigrp Enhanced Interior Gateway Routing Protocol (EIGRP) igrp Interior Gateway Routing Protocol (IGRP) isis ISO IS-IS list IP Access list mobile Mobile routes odr On Demand stub Routes ospf Open Shortest Path First (OSPF) profile IP routing table profile rip Routing Information Protocol (RIP) static Static routes summary Summary of all routes supernets-only Show supernet entries only traffic-engineering Traffic engineered routes vrf Display routes from a VPN Routing/Forwarding instance | Output modifiers 4-4 Semester 8 Internetwork Troubleshooting v1.0 - Lab 4.6.3 Copyright  2001, Cisco Systems, Inc. Type the following commands: show ip route eigrp, show ip route ospf, and show ip route rip to see that you can be selective about what is displayed. SanJose1#show ip route eigrp D EX 192.168.60.0/24 [170/2297856] via 192.168.0.2, 05:55:25, Serial0 D 192.168.80.0/24 [90/2297856] via 192.168.0.2, 05:55:25, Serial0 D EX 192.168.70.0/24 [170/2297856] via 192.168.0.2, 05:55:25, Serial0 SanJose1# SanJose1#show ip route ospf 192.168.95.0/32 is subnetted, 1 subnets O IA 192.168.95.1 [110/65] via 192.168.0.2, 05:55:38, Serial0 192.168.96.0/32 is subnetted, 1 subnets O IA 192.168.96.1 [110/65] via 192.168.0.2, 05:55:38, Serial0 SanJose1# SanJose1#show ip route rip R 192.168.91.0/24 [120/1] via 192.168.0.2, 00:00:23, Serial0 R 192.168.90.0/24 [120/1] via 192.168.0.2, 00:00:23, Serial0 R 192.168.2.0/24 [120/1] via 192.168.0.2, 00:00:23, Serial0 R 192.168.3.0/24 [120/1] via 192.168.0.2, 00:00:23, Serial0 SanJose1# Type the show ip route address command for a host or network address on the other router to see the source and detail information about that route. SanJose1#show ip route 192.168.2.51 Routing entry for 192.168.2.0/24 Known via "rip", distance 120, metric 1 Redistributing via rip Last update from 192.168.0.2 on Serial0, 00:00:01 ago Routing Descriptor Blocks: * 192.168.0.2, from 192.168.0.2, 00:00:01 ago, via Serial0 Route metric is 1, traffic share count is 1 SanJose1# Step 5 The show ip interface command. Type the show ip interface command to display the IP interfaces. While the command displays all interfaces, let’s look at the LAN interface. Not only can we see the IP address, but we see that a second IP address has been assigned to the interface (192.168.4.1/24). We can see that there are both inbound and outbound access lists implemented – we would refer back to our show ip access-list to see what they do. Finally, the Multicast reserved group (224.0.0.9) tells us that this interface participates in RIP version 2 routing updates. SanJose1#show ip interface Ethernet0 is up, line protocol is up Internet address is 192.168.1.1/24 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Secondary address 192.168.4.1/24 Multicast reserved groups joined: 224.0.0.9 Outgoing access list is 50 Inbound access list is 100 Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent 5-5 Semester 8 Internetwork Troubleshooting v1.0 - Lab 4.6.3 Copyright  2001, Cisco Systems, Inc. ... - tailieumienphi.vn