Sho process cpu
http://www.cisco.com/en/US/products/hw/routers/ps133/products_tech_note09186a00800a70f2.shtml
http://www.cisco.com/en/US/products/hw/routers/ps359/products_tech_note09186a00801c2af0.shtml
Saturday, August 22, 2009
Sunday, August 16, 2009
DCD...DSR....!....DTR......?.....RTS......@...CTS....!
In ethernet : Ethernet0 is down, Line Protocol is down => interface problem
In Serial link: Serial0 is down, Line Protocol is down
=> When on a Serial interface something else might be the problem. Serial interfaces operate in pairs and there usually is a CSU/DSU operating between them along the media. So you need to investigate the signals at the bottom of a show interface
DCD = Data Carrier Detect
DSR = Data Set Ready
DTR = Data Terminal Ready
RTS = Request to Send
CTS = Clear to Send
------------------
When you connect two routers via a crossover cable one router will be the DTE (Data Terminal Equipment) and the other router will be the DCE ( Data Circuit-Terminating Equipment). You need to configure the clocking on the DCE. This is accomplished by entering this command router#(config-if)clockrate.
-----------
When the routers are connected via a WAN link both routers are the DTE. With CSU/DSU's acting as the DCE providing the clocking.
The DTE is responsible for DTR and RTS. The DCE is responsible for DCD, DSR and CTS.
i.e. DTE=> DTR, RTS
DCE=>DCD, DSR and CTS
===========
Scenarios:
DCE router.
Serial0 is down, Line Protocol is down
DCD=up DSR=up DTR=down RTS=down CTS=up
This indicates that the DTE router is down or a media problem.
DTE router connected via a WAN link.
Serial0 is down, Line Protocol is down
DCD=down DSR=down DTR=up RTS=up CTS=down
This indicates a problem with the media or the CSU/DSU.
Two routers connected via crossover cable.
Serial0 is down, Line Protocol is down
DCD=down DSR=down DTR=up RTS=up CTS=down
This indicates that the DCE router is down or a media problem.
============
Serial0 is up, Line Protocol is down
This shows that Serial0 is receiving physical layer clocking. But you may have a problem with the media or there is an encapsulation mismatch.
Serial0 is up, Line Protocol is up
This shows that Serial0 is receiving physical layer clocking and that the router is getting hello/keepalives from the remote end.
================
In Serial link: Serial0 is down, Line Protocol is down
=> When on a Serial interface something else might be the problem. Serial interfaces operate in pairs and there usually is a CSU/DSU operating between them along the media. So you need to investigate the signals at the bottom of a show interface
DCD = Data Carrier Detect
DSR = Data Set Ready
DTR = Data Terminal Ready
RTS = Request to Send
CTS = Clear to Send
------------------
When you connect two routers via a crossover cable one router will be the DTE (Data Terminal Equipment) and the other router will be the DCE ( Data Circuit-Terminating Equipment). You need to configure the clocking on the DCE. This is accomplished by entering this command router#(config-if)clockrate.
-----------
When the routers are connected via a WAN link both routers are the DTE. With CSU/DSU's acting as the DCE providing the clocking.
The DTE is responsible for DTR and RTS. The DCE is responsible for DCD, DSR and CTS.
i.e. DTE=> DTR, RTS
DCE=>DCD, DSR and CTS
===========
Scenarios:
DCE router.
Serial0 is down, Line Protocol is down
DCD=up DSR=up DTR=down RTS=down CTS=up
This indicates that the DTE router is down or a media problem.
DTE router connected via a WAN link.
Serial0 is down, Line Protocol is down
DCD=down DSR=down DTR=up RTS=up CTS=down
This indicates a problem with the media or the CSU/DSU.
Two routers connected via crossover cable.
Serial0 is down, Line Protocol is down
DCD=down DSR=down DTR=up RTS=up CTS=down
This indicates that the DCE router is down or a media problem.
============
Serial0 is up, Line Protocol is down
This shows that Serial0 is receiving physical layer clocking. But you may have a problem with the media or there is an encapsulation mismatch.
Serial0 is up, Line Protocol is up
This shows that Serial0 is receiving physical layer clocking and that the router is getting hello/keepalives from the remote end.
================
Saturday, August 8, 2009
Router Boot Sequence
Router Boot Sequence1) The router performs the POST.2) The bootstrap searches for and loads the Cisco IOS software.3) The IOS software looks in NVRAM for a valid configuration file.4) If there is a valid configuration file in NVRAM, then this file will be loaded and executed.
POST: When first powered up, a router will carry out a power-on self-test (POST). Recall that the POST is used to check whether the CPU and router interfaces are capable of functioning correctly.
Boot Strap:After a successful POST, the router will execute the Bootstrap program from ROM. The bootstrap is used to search Flash memory for a valid Cisco IOS image.
IOS:Once the IOS image is loaded, it will search for a valid startup configuration in NVRAM. If a valid startup configuration file cannot be found, the router will load the System Configuration Dialog, or what is sometimes called setup mode. This mode allows you to perform the initial configuration of the router.
Check Configuration Register value (NVRAM) which can be modified using the config-register command 0 = ROM Monitor mode1 = ROM IOS2 - 15 = startup-config in NVRAM
Boot System Commands
Router(config)# boot system flash IOS filename – boot from FLASH memoryRouter(config)# boot system tftp IOS filename tftp server ip address – boot from a TFTP serverRouter(config)# boot system rom – boot from system ROM
Configuration Register Command
Router(config)# config-register 0×10x (where that last x is 0-F in hex)
When the last x is:0 = boot into ROM Monitor mode1 = boot the ROM IOS2 – 15 = look in startup config file in NVRAM
==========
When you turn the router on, it runs through the following boot process.
The Power-On Self Test (POST) checks the router's hardware. When the POST completes successfully, the System OK LED indicator comes on.
The router checks the configuration register to identify where to load the IOS image from. A setting of 0x2102 means that the router will use information in the startup-config file to locate the IOS image. If the startup-config file is missing or does not specify a location, it will check the following locations for the IOS image:
Flash (the default location)
TFTP server
ROM (used if no other source is found)
The router loads the configuration file into RAM (which configures the router). The router can load a configuration file from:
NVRAM (startup-configuration file)
TFTP server
If a configuration file is not found, the router starts in setup mode.
Sunday, August 2, 2009
Backplane of Switch / Stack Backplane of a Switch
All module or ports connect on backplane of switch.
http://www.cspi.com/multicomputer/products/2000_SERIES/images/StarGate_2923.jpg
http://www.cisco.com/univercd/illus/2/41/22041.gif
backplane capacity between ports or modules comminication on switch
You have Passive Backplane and Active Backplane. Passive: Where you don't have Controller (Management) on the board . Example: 8200 series. Active: Where you have Controller and management of the switch on board. Example: 5400 series.
connect to switch port or module backplane on switch each port 100 or 1000 mbps connect switch backplane but provision asic switch different way connect backplane each module two line connect backplane for example 5400 switch have active backplane switch fabric chip on backplane board each module two 14.4 Gpbs link connect backplane namely one module 28.8 Gbps connect back plane 8212 switch have passive backplane switch fabric chip on switch fabric module each module connect two 14,4 Gbps line to fabric module back board not keep fabric chip backplane calculator we have 100 Mbps 24 port 1000Mbps 2 port swtich for example 2626 100 Mbps x2(full duplex)200Mbps one port x 24 port = 4800 Mbps** 1000Mbps x2(full duplex)2000Mbps one port x 2 port = 4000 Mbps 4000Mbps+4800 Mbps =8800 Mbps =8,8 Gbps real backplane requirement please look back plane capacity 2626 switch www.procurve.com but chasis type switch different back plane capacity because each module seperate like switch
Back plane utilization guide: http://www.cisco.com/en/US/tech/tk389/tk816/technologies_tech_note09186a0080094a96.shtml
check 1 model:
Stackable Switches
The common characteristic of a stack acting as a single switch is that there is a single IP address for remote administration of the stack as a whole, not an IP address for the administration of each unit in the stack. Features associated with stackable switches can include:
Single IP Address for multiple units. Multiple switches can share one IP Address for administrative purposes, thus conserving IP Addresses.
Single management view from multiple interfaces. Stack-level views and commands can be provided from a single Command Line Interface (CLI) and/or embedded Web interface. The SNMP view into the stack can be unified.
Stacking Resiliency. Multiple switches can have ways to bypass a “down” switch in a stack, thus allowing the remaining units to function as a stack even with a failed or removed unit.
Layer 3 redundancy. Some stackable architectures allow for continued Layer 3 routing if there is a “down” switch in a stack. If routing is centralized in one unit in the stack, and that unit fails, then there must be a recovery mechanism to move routing to a backup unit in the stack.
Mix and match of technology. Some stackable architectures allow for mixing switches of different technologies or from different product families, yet still achieve unified management. For example, some stacking allows for the mixing 10/100 and Gigabit switches in a stack.
Dedicated stacking bandwidth. Some switches come with built-in ports dedicated for stacking, which can preserve other ports for data network connections and can avoid the possible expense of an additional module to add stacking. Proprietary data handling or cables can be used to achieve higher bandwidths than standard Gigabit or 10-Gigabit connections.
There is not universal agreement as to the threshold for being a stackable versus being a standalone switch. Some companies call their switches stackable if they support a Single IP Address for multiple units even if they lack other features from this list. Some industry analysts have said a product is not a stackable if it lacks one of the above features (e.g., dedicated bandwidth).
Terminology
Here are other terms associated with stackable switches:
Stacking Backplane: Used to describe the connections between stacked units, and the bandwidth of that connection. Most typically, switches that have primarily Fast Ethernet ports would have at minimum Gigabit connections for its stacking backplane; likewise, switches that primarily have Gigabit Ethernet ports would have at minimum 10-Gigabit connections.
Clustering. The term sometimes used for a stacking approach that focuses on unified management with a single IP address for multiple stackable units. Units can be distributed and of multiple types.
Stack Master or Commander: In some stack architectures, one unit is designated the main unit of the stack. All management is routed through that single master unit. Some call this the master or commander unit. Other units in the stack are referred to as slave or member units.
Which switches:?
===========>
Cisco offers their StackWise feature on the Cisco Catalyst 3750 series switches, and StackWise Plus on Catalyst 3750-E series.
What StackWise basically does is build one big switch by intelligently joining several individual switches together (with a maximum of nice switches total). The switches are united into a single logical unit using special stack interconnect cables that create a bidirectional closed-loop path. The bidirectional path acts as a switch fabric for all the connected switches, where network topology and routing information is updated continuously through the stack. All stack members have full access to the stack interconnect bandwidth (32 Gb).
The stack is managed as a single unit by a master switch, which is elected from one of the stack member switches. Any stack member switch can become master, and election is done my one of these methods:
User priority-The network manager can select a switch to be master.
Hardware and software priority-This will default to the unit with the most extensive feature set.
Default configuration-If a switch has preexisting configuration information, it will take precedence over switches that have not been configured.
Uptime-The switch that has been running the longest is selected.
MAC address-Each switch reports its MAC address to all its neighbors for comparison. The switch with the lowest MAC address is selected.
When one master switch becomes inactive and while a new master is elected, the stack continues to function.
To build StackWise connections you need (at least two) of either of these cables:
CAB-STACK-50CM= (0.5-meter cable)
CAB-STACK-1M= (1-meter cable)
CAB-STACK-3M= (3-meter cable)
The reason you need at least two cables (or more precisely: X + 1, where X is the number of switches in the stack) is that the stacking cables must form a ring, as the connections are bidirectional, and without the ring a failure of one of the cables would break the stack with all manner of nasty things happening to your network. In a correct configuration a stack cable failure will halve the capacity but the stack continues functioning, while after the failed cable starts functioning again full capacity is automatically restored.
The main differences between StackWise (supported on 3750 and 3750-E series) and StackWise plus (only supported on 3750-E series) are:
StackWise plus performs destination stripping, where StackWise only supports source stripping. What this means is that with source stripping a unicast packet that is sent on the stack ring goes around the whole ring and is removed (i.e.: stripped) by the sender of the packet (i.e.: the source switch). With destination stripping the target switch of the packet removes it from the ring, freeing up bandwidth on the ring sooner.
StackWise Plus supports local switching, where StackWise doesn’t, forcing all packets on the stack ring. On a StackWise Plus stack any traffic destined for a node connected to the same member switch stays within that member switch, and doesn’t use the stack ring at all.
StackWise Plus will support up to 2 line rate 10 Gb Ethernet ports per switch.
You can build a stack consisting of a mix of 3750 and 3750-E switches, in that case only StackWise features are available with the exception of the local switching, the 3750-E’s will still do that.
All in all the StackWise feature is quite nice. Just as with RAID arrays you can build a resilient and easy to manage system by using relatively inexpensive devices. Management is almost as easy as managing a single switch, and most of the features that make StackWise worthwhile and in some respects even great are automatic and do their thing quietly and without fuss. Good stuff.
=======
To do this we require: GigaStack GBIC
Check out:http://www.cisco.com/en/US/products/hw/switches/ps628/products_data_sheet09186a00800a1789.html
http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=16639&p_created=1213295950
Troubleshooting stackable switches:
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/troubleshooting/switch_stacks.html
http://www.cisco.com/en/US/products/hw/switches/ps5023/products_tech_note09186a00807ccc79.shtml
Finally some basics:
------------
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps5023/prod_white_paper09186a00801b096a.html
http://newsroom.cisco.com/dlls/fspnisapi81e5.html
Single IP Address for multiple units. Multiple switches can share one IP Address for administrative purposes, thus conserving IP Addresses.
Single management view from multiple interfaces. Stack-level views and commands can be provided from a single Command Line Interface (CLI) and/or embedded Web interface. The SNMP view into the stack can be unified.
Stacking Resiliency. Multiple switches can have ways to bypass a “down” switch in a stack, thus allowing the remaining units to function as a stack even with a failed or removed unit.
Layer 3 redundancy. Some stackable architectures allow for continued Layer 3 routing if there is a “down” switch in a stack. If routing is centralized in one unit in the stack, and that unit fails, then there must be a recovery mechanism to move routing to a backup unit in the stack.
Mix and match of technology. Some stackable architectures allow for mixing switches of different technologies or from different product families, yet still achieve unified management. For example, some stacking allows for the mixing 10/100 and Gigabit switches in a stack.
Dedicated stacking bandwidth. Some switches come with built-in ports dedicated for stacking, which can preserve other ports for data network connections and can avoid the possible expense of an additional module to add stacking. Proprietary data handling or cables can be used to achieve higher bandwidths than standard Gigabit or 10-Gigabit connections.
There is not universal agreement as to the threshold for being a stackable versus being a standalone switch. Some companies call their switches stackable if they support a Single IP Address for multiple units even if they lack other features from this list. Some industry analysts have said a product is not a stackable if it lacks one of the above features (e.g., dedicated bandwidth).
Terminology
Here are other terms associated with stackable switches:
Stacking Backplane: Used to describe the connections between stacked units, and the bandwidth of that connection. Most typically, switches that have primarily Fast Ethernet ports would have at minimum Gigabit connections for its stacking backplane; likewise, switches that primarily have Gigabit Ethernet ports would have at minimum 10-Gigabit connections.
Clustering. The term sometimes used for a stacking approach that focuses on unified management with a single IP address for multiple stackable units. Units can be distributed and of multiple types.
Stack Master or Commander: In some stack architectures, one unit is designated the main unit of the stack. All management is routed through that single master unit. Some call this the master or commander unit. Other units in the stack are referred to as slave or member units.
Which switches:?
===========>
Cisco offers their StackWise feature on the Cisco Catalyst 3750 series switches, and StackWise Plus on Catalyst 3750-E series.
What StackWise basically does is build one big switch by intelligently joining several individual switches together (with a maximum of nice switches total). The switches are united into a single logical unit using special stack interconnect cables that create a bidirectional closed-loop path. The bidirectional path acts as a switch fabric for all the connected switches, where network topology and routing information is updated continuously through the stack. All stack members have full access to the stack interconnect bandwidth (32 Gb).
The stack is managed as a single unit by a master switch, which is elected from one of the stack member switches. Any stack member switch can become master, and election is done my one of these methods:
User priority-The network manager can select a switch to be master.
Hardware and software priority-This will default to the unit with the most extensive feature set.
Default configuration-If a switch has preexisting configuration information, it will take precedence over switches that have not been configured.
Uptime-The switch that has been running the longest is selected.
MAC address-Each switch reports its MAC address to all its neighbors for comparison. The switch with the lowest MAC address is selected.
When one master switch becomes inactive and while a new master is elected, the stack continues to function.
To build StackWise connections you need (at least two) of either of these cables:
CAB-STACK-50CM= (0.5-meter cable)
CAB-STACK-1M= (1-meter cable)
CAB-STACK-3M= (3-meter cable)
The reason you need at least two cables (or more precisely: X + 1, where X is the number of switches in the stack) is that the stacking cables must form a ring, as the connections are bidirectional, and without the ring a failure of one of the cables would break the stack with all manner of nasty things happening to your network. In a correct configuration a stack cable failure will halve the capacity but the stack continues functioning, while after the failed cable starts functioning again full capacity is automatically restored.
The main differences between StackWise (supported on 3750 and 3750-E series) and StackWise plus (only supported on 3750-E series) are:
StackWise plus performs destination stripping, where StackWise only supports source stripping. What this means is that with source stripping a unicast packet that is sent on the stack ring goes around the whole ring and is removed (i.e.: stripped) by the sender of the packet (i.e.: the source switch). With destination stripping the target switch of the packet removes it from the ring, freeing up bandwidth on the ring sooner.
StackWise Plus supports local switching, where StackWise doesn’t, forcing all packets on the stack ring. On a StackWise Plus stack any traffic destined for a node connected to the same member switch stays within that member switch, and doesn’t use the stack ring at all.
StackWise Plus will support up to 2 line rate 10 Gb Ethernet ports per switch.
You can build a stack consisting of a mix of 3750 and 3750-E switches, in that case only StackWise features are available with the exception of the local switching, the 3750-E’s will still do that.
All in all the StackWise feature is quite nice. Just as with RAID arrays you can build a resilient and easy to manage system by using relatively inexpensive devices. Management is almost as easy as managing a single switch, and most of the features that make StackWise worthwhile and in some respects even great are automatic and do their thing quietly and without fuss. Good stuff.
=======
To do this we require: GigaStack GBIC
Check out:http://www.cisco.com/en/US/products/hw/switches/ps628/products_data_sheet09186a00800a1789.html
http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=16639&p_created=1213295950
Troubleshooting stackable switches:
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/troubleshooting/switch_stacks.html
http://www.cisco.com/en/US/products/hw/switches/ps5023/products_tech_note09186a00807ccc79.shtml
Finally some basics:
------------
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps5023/prod_white_paper09186a00801b096a.html
http://newsroom.cisco.com/dlls/fspnisapi81e5.html
Saturday, August 1, 2009
OSI MOdel in Real time
The OSI model is a hierarchical model of how different devices, protocols, and applications can interoperate to provide a network. The OSI (open systems interconnect) model was created by the International Standards Organization (ISO).
The applications and protocols that make up the network reside at different layers of the OSI model. Those layers are:
Layer 7 – Application
Layer 6 – Presentation
Layer 5 – Session
Layer 4 – Transport
Layer 3 – Network
Layer 2 – Data Link
Layer 1 – Physical
Here are some common ways to remember the OSI model:
All People Seem To Need Data Processing
Please Do Not Throw Sausage Pizza Away
Phew Dead Ninja Turtles Smell Particularly Awful
A common question is, “What application or protocol resides at each of the layers?” Here is a general overview:
Layer 7 - ApplicationThe application layer is where the protocols and services that make up your application reside. Examples of what is located here are: Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).
Layer 6 - PresentationThe presentation layer “presents” the session layer data to the application. Examples of what is located here are: encryption (like IPSec), ASCII, and JPG.
Layer 5 - SessionThis layer is responsible for initiating and terminating network connections. Examples of the session layer are Remote Procedure Call (RPC) functions and the login portion of a SQL session.
Layer 4 - TransportTCP and UDP work at the transport layer. TCP provides the reliable, in-order delivery of your data, as well as error correction, sequencing, and windowing (flow control). Additionally, TCP at the transport layer provides source and destination port numbers that are commonly associated with applications. For example, TCP port 25 is SMTP, 23 is telnet, 22 is SSH, 80 is HTTP, and so on. These port numbers are very important if you are configuring an ACL (see my article, “What you need to know about Cisco IOS access-list filtering“) or studying for a certification test like the CCNA. Data at the transport layer is called a segment.
Layer 3 - NetworkThe network layer is where the “IP” part of “TCP/IP” happens. IP is responsible for addressing in the network. Because IP works at layer 3, you could also say that routing and routers work at layer 3. Any data at layer 3 is called a packet.
Layer 2 - Data LinkIf you think about a WAN, there are many protocols that work at layer 2 (like PPP and Frame-Relay). However, if you just look at the LAN, the most well-known protocol associated with layer 2 is Ethernet. The Ethernet protocol uses MAC addresses to identify unique devices on the network. Any data at layer 2 is called a frame. Ethernet switches work at layer 2 to switch Ethernet packets. To do this, they keep a MAC address table or CAM table — mapping MAC addresses to switch ports.
Layer 1 - PhysicalThe physical layer provides the actual connection between devices. Ethernet cables and fiber optic cables work at layer 1. Data goes through the cables via electricity or light. That data is now represented as a bit (a one or a zero).
Understanding the network “big picture”
There are many new Cisco admins out there who may understand how to unlock a switch port or how to configure IP addressing, but they don’t see, really, how the network functions. By understanding the OSI model, you can see the “big picture” of how the network really works.
You can understand how bits are sent as electrical signals across copper wires; how those are reassembled into frames by Ethernet in layer 2; how the frames are switched to the right destination; how that PC disassembles the frame and packet to verify that it is the right destination IP; how it breaks up the segment at the transport layer, responds with an acknowledgement (ACK), and sends the data up to the session, presentation, and application layers; and how every tiny communication requires this whole process to happen many times per second.
Once you understand the OSI model, you will be a much better network troubleshooter. For example, in my article “Choosing a network troubleshooting methodology,” I cover how to use the OSI model to troubleshoot the network either by starting at the top or the bottom or by using the “divide and conquer” approach.
If your Ethernet cable is disconnected, at what layer is your problem to be found? Answer: layer 1.
If your ACL is dropping your TCP data, where is the trouble? Answer: layer 4.
If your IPSec is misconfigured, where is the problem? Answer: layer 4.
"see Cisco’s Internetworking Technology Handbook. "
Here's how the OSI model works: Traffic flows down from the application to the physical layer across the network using the physical medium (for example, an Ethernet cable) to the receiver's physical layer. It then moves up through the layers to the receiver's application.
Once on the receiver's side, the receiver becomes the sender, and the sender becomes the receiver. The response from the receiver traverses the reverse path and moves back to the original sender.
So if one of the layers of the OSI model doesn't work, no traffic will flow. For example, if the data link layer isn't working, the traffic will never make it from the application layer to the physical layer.
Bottom-up
The bottom-up approach is my personal favorite. As the name implies, start at the bottom—Layer 1, the physical layer—and work your way up to the top layer (application).
The physical layer includes the network cable and the network interface card. So if you encounter a broken or disconnected network cable, there's probably no need to do anymore troubleshooting.
You must resolve any physical layer problems before moving on. After fixing the problem, check to see if the trouble still exists. If so, move on to troubleshooting the data link layer.
For example, an Ethernet LAN has an Ethernet switch, which keeps a table of MAC addresses. If there's something wrong with that table—such as a duplicate MAC entry—then resolve that problem before looking at anything on the network layer (e.g., an IP address or routing).
Top-down
Once again, the name of this methodology implies the approach. With the top-down method, start at the top of the OSI model (i.e., the application layer) and work your way down to the bottom layer (i.e., physical).
Divide and conquer
This approach involves a little more intuition. With the divide and conquer method, start at whichever layer you best feel is the root cause of the problem. From there, you can go either up or down through the layers. (Yes, folks, even the "no-method method" has a name.)
Choosing an approach
Which approach you decide to use may depend on where you believe the problem lies. For example, if a user is unable to browse the Web and you think most users have a lot of problems with spyware and Internet Explorer settings, then you may want to start with the top-down approach. On the other hand, if the user mentions that he or she just connected a laptop to the network and can't browse the Web, you might want to use the bottom-up method since there's a good chance the user has a disconnected cable or similar problem.
Do you use a troubleshooting methodology when dealing with networking problems? If so, post your approach in this article's discussion. How important do you think it is to have a troubleshooting methodology?
The applications and protocols that make up the network reside at different layers of the OSI model. Those layers are:
Layer 7 – Application
Layer 6 – Presentation
Layer 5 – Session
Layer 4 – Transport
Layer 3 – Network
Layer 2 – Data Link
Layer 1 – Physical
Here are some common ways to remember the OSI model:
All People Seem To Need Data Processing
Please Do Not Throw Sausage Pizza Away
Phew Dead Ninja Turtles Smell Particularly Awful
A common question is, “What application or protocol resides at each of the layers?” Here is a general overview:
Layer 7 - ApplicationThe application layer is where the protocols and services that make up your application reside. Examples of what is located here are: Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).
Layer 6 - PresentationThe presentation layer “presents” the session layer data to the application. Examples of what is located here are: encryption (like IPSec), ASCII, and JPG.
Layer 5 - SessionThis layer is responsible for initiating and terminating network connections. Examples of the session layer are Remote Procedure Call (RPC) functions and the login portion of a SQL session.
Layer 4 - TransportTCP and UDP work at the transport layer. TCP provides the reliable, in-order delivery of your data, as well as error correction, sequencing, and windowing (flow control). Additionally, TCP at the transport layer provides source and destination port numbers that are commonly associated with applications. For example, TCP port 25 is SMTP, 23 is telnet, 22 is SSH, 80 is HTTP, and so on. These port numbers are very important if you are configuring an ACL (see my article, “What you need to know about Cisco IOS access-list filtering“) or studying for a certification test like the CCNA. Data at the transport layer is called a segment.
Layer 3 - NetworkThe network layer is where the “IP” part of “TCP/IP” happens. IP is responsible for addressing in the network. Because IP works at layer 3, you could also say that routing and routers work at layer 3. Any data at layer 3 is called a packet.
Layer 2 - Data LinkIf you think about a WAN, there are many protocols that work at layer 2 (like PPP and Frame-Relay). However, if you just look at the LAN, the most well-known protocol associated with layer 2 is Ethernet. The Ethernet protocol uses MAC addresses to identify unique devices on the network. Any data at layer 2 is called a frame. Ethernet switches work at layer 2 to switch Ethernet packets. To do this, they keep a MAC address table or CAM table — mapping MAC addresses to switch ports.
Layer 1 - PhysicalThe physical layer provides the actual connection between devices. Ethernet cables and fiber optic cables work at layer 1. Data goes through the cables via electricity or light. That data is now represented as a bit (a one or a zero).
Understanding the network “big picture”
There are many new Cisco admins out there who may understand how to unlock a switch port or how to configure IP addressing, but they don’t see, really, how the network functions. By understanding the OSI model, you can see the “big picture” of how the network really works.
You can understand how bits are sent as electrical signals across copper wires; how those are reassembled into frames by Ethernet in layer 2; how the frames are switched to the right destination; how that PC disassembles the frame and packet to verify that it is the right destination IP; how it breaks up the segment at the transport layer, responds with an acknowledgement (ACK), and sends the data up to the session, presentation, and application layers; and how every tiny communication requires this whole process to happen many times per second.
Once you understand the OSI model, you will be a much better network troubleshooter. For example, in my article “Choosing a network troubleshooting methodology,” I cover how to use the OSI model to troubleshoot the network either by starting at the top or the bottom or by using the “divide and conquer” approach.
If your Ethernet cable is disconnected, at what layer is your problem to be found? Answer: layer 1.
If your ACL is dropping your TCP data, where is the trouble? Answer: layer 4.
If your IPSec is misconfigured, where is the problem? Answer: layer 4.
"see Cisco’s Internetworking Technology Handbook. "
Here's how the OSI model works: Traffic flows down from the application to the physical layer across the network using the physical medium (for example, an Ethernet cable) to the receiver's physical layer. It then moves up through the layers to the receiver's application.
Once on the receiver's side, the receiver becomes the sender, and the sender becomes the receiver. The response from the receiver traverses the reverse path and moves back to the original sender.
So if one of the layers of the OSI model doesn't work, no traffic will flow. For example, if the data link layer isn't working, the traffic will never make it from the application layer to the physical layer.
Bottom-up
The bottom-up approach is my personal favorite. As the name implies, start at the bottom—Layer 1, the physical layer—and work your way up to the top layer (application).
The physical layer includes the network cable and the network interface card. So if you encounter a broken or disconnected network cable, there's probably no need to do anymore troubleshooting.
You must resolve any physical layer problems before moving on. After fixing the problem, check to see if the trouble still exists. If so, move on to troubleshooting the data link layer.
For example, an Ethernet LAN has an Ethernet switch, which keeps a table of MAC addresses. If there's something wrong with that table—such as a duplicate MAC entry—then resolve that problem before looking at anything on the network layer (e.g., an IP address or routing).
Top-down
Once again, the name of this methodology implies the approach. With the top-down method, start at the top of the OSI model (i.e., the application layer) and work your way down to the bottom layer (i.e., physical).
Divide and conquer
This approach involves a little more intuition. With the divide and conquer method, start at whichever layer you best feel is the root cause of the problem. From there, you can go either up or down through the layers. (Yes, folks, even the "no-method method" has a name.)
Choosing an approach
Which approach you decide to use may depend on where you believe the problem lies. For example, if a user is unable to browse the Web and you think most users have a lot of problems with spyware and Internet Explorer settings, then you may want to start with the top-down approach. On the other hand, if the user mentions that he or she just connected a laptop to the network and can't browse the Web, you might want to use the bottom-up method since there's a good chance the user has a disconnected cable or similar problem.
Do you use a troubleshooting methodology when dealing with networking problems? If so, post your approach in this article's discussion. How important do you think it is to have a troubleshooting methodology?
Telnet
Steps to Telnet over SSH (tunneling port 23 through port 22)
Step1:
Remote PC needs putty.exe on it. Configure it with Document attached here TunnelWithPutty (3.3 MB size). or (Try This Putty Config) Like I said. Configure it to work on your LAN first. Establish a tunnel to your SSH server. Download CopSSH here. What you do is create tunnel with putty.exe and then open up cmd prompt and telnet into with your new DNS name you made on DynDns website account. This is cool! DNS provider so you can reference your public IP with and updated DNS name. DynDNS.com.Step2:
Setup an account at DynDns.com and you can have free DNS name. For example, my remote access name on the public sector is say itdaddy.bluecow.com. They give out free public name spaces that reference your dynamic public IP address. After establishing an acccount there, you can pick from many parent names such as bluecow.com (made that one up myself) but they have many parent names. You are allowed to name your child domain for example like mine “itdaddy.bluecow.com”. They give you a list of programs to install on your SSH server or computer that has internet access and that is on all the time. This IP updater, updates DynDns DNS servers with your Dynamic public ip from the inside of your LAN. This is nice to use to access your SSH server via name that will always have the most current public IP address.
Step3:
Setup port forwading of port 22 only to your SSH server. No need to setup Telnet 23 port forwarding since you are tunneling through port 22. Kind of weird but it works.
Step4:
SSH server with CopSSH running on this. You can also have your IP updater from DynDNS run on this server to keep your DNS name on the public DNS servers updated daily – I love this.
Step5:
I have a Cisco 2511 access router setup with reverse DNS. DO a google on setting up you access server. Easy to setup. If you need any help you just ask me on this site. And I can help you figure your reverse telnet setup on your access router. Please first play with yourself. You can do it!
What I do also is setup an an ACL on this ethernet port to my Access Router to only allow telnet traffic on port 23 to come from my SSH server IP address only. Since once I have my SSH tunnel from public WAN to my Private LAN on my SSH server. I then like I said telnet again from the SSH server to my 2511. This is again because I have no image that has SSH server on it to my Access Server direct. If I had a SSH server on my 2511 router, I would have my firwall port forward to that. But maybe I am more secure have myself telnet again from my SSH server to the access router and having and ACL setup to allow port 23 traffic from my SSH server only. This might be more secure. It works well.
Step6:
Finally, I looked up on the internet how to setup a Access router using reverse telnet and Loopback address. Do a google on setup of a Cisco Access router. Very cool to setup. Not hard at all. With my Access Router, I nolonger have to switch my console cable back and forth to all my Cisco devices. I just bring up one console and remote in to each device via one console session. Cool huh? I will eventuallly show you my setup for my access router on this blog soon. Enjoy!
Tips: Setup Tunnelling within your LAN first. Then try it from WAN to your LAN.
Step1:
Remote PC needs putty.exe on it. Configure it with Document attached here TunnelWithPutty (3.3 MB size). or (Try This Putty Config) Like I said. Configure it to work on your LAN first. Establish a tunnel to your SSH server. Download CopSSH here. What you do is create tunnel with putty.exe and then open up cmd prompt and telnet into with your new DNS name you made on DynDns website account. This is cool! DNS provider so you can reference your public IP with and updated DNS name. DynDNS.com.Step2:
Setup an account at DynDns.com and you can have free DNS name. For example, my remote access name on the public sector is say itdaddy.bluecow.com. They give out free public name spaces that reference your dynamic public IP address. After establishing an acccount there, you can pick from many parent names such as bluecow.com (made that one up myself) but they have many parent names. You are allowed to name your child domain for example like mine “itdaddy.bluecow.com”. They give you a list of programs to install on your SSH server or computer that has internet access and that is on all the time. This IP updater, updates DynDns DNS servers with your Dynamic public ip from the inside of your LAN. This is nice to use to access your SSH server via name that will always have the most current public IP address.
Step3:
Setup port forwading of port 22 only to your SSH server. No need to setup Telnet 23 port forwarding since you are tunneling through port 22. Kind of weird but it works.
Step4:
SSH server with CopSSH running on this. You can also have your IP updater from DynDNS run on this server to keep your DNS name on the public DNS servers updated daily – I love this.
Step5:
I have a Cisco 2511 access router setup with reverse DNS. DO a google on setting up you access server. Easy to setup. If you need any help you just ask me on this site. And I can help you figure your reverse telnet setup on your access router. Please first play with yourself. You can do it!
What I do also is setup an an ACL on this ethernet port to my Access Router to only allow telnet traffic on port 23 to come from my SSH server IP address only. Since once I have my SSH tunnel from public WAN to my Private LAN on my SSH server. I then like I said telnet again from the SSH server to my 2511. This is again because I have no image that has SSH server on it to my Access Server direct. If I had a SSH server on my 2511 router, I would have my firwall port forward to that. But maybe I am more secure have myself telnet again from my SSH server to the access router and having and ACL setup to allow port 23 traffic from my SSH server only. This might be more secure. It works well.
Step6:
Finally, I looked up on the internet how to setup a Access router using reverse telnet and Loopback address. Do a google on setup of a Cisco Access router. Very cool to setup. Not hard at all. With my Access Router, I nolonger have to switch my console cable back and forth to all my Cisco devices. I just bring up one console and remote in to each device via one console session. Cool huh? I will eventuallly show you my setup for my access router on this blog soon. Enjoy!
Tips: Setup Tunnelling within your LAN first. Then try it from WAN to your LAN.
Register values
oops have you ever tried changing the config-register values for fun to see what they would do?I have. I changed the config-register values to these:
0×2142 skip NVRAM0×2102 boot to NVRAM0×1 rommon (safe mode)0×0 rom only (very limited IOSThe command to modify the configuration register value is o/r, followed by the new register value. After pressing enter, use
the command i to initialize the router. The i command reloads the router, using the new configuration register setting. In
this case, a configuration register value of 0×2102 ensures that the router will boot as per the factory default settings.
:Use this when in ROM mode only; great to change config register back to booting to NVRAM. I was stuff here awhile trying to find ROM mode only command to change config-register. Phewww! Here it is. This value 2102 changes it bakc to boot normally from NVRAM. Yeah!
>o/r 0×2102>i
If you issue the break sequence on a Cisco 2600 router, you’ll be presented with the rommon> prompt. Although the commands
from this prompt are a little different, they achieve the same result. In the example below, we’re setting the configuration
register to 0×2142, which tells the router to ignore the contents of the startup configuration file, since bit 6 has been
set. The command to change the configuration register from the rommon> prompt is confreg, followed by the new register value.
To reload the router, issue the reset command.
rommon 1>confreg 0×2142rommon 2>reset
After issuing the reset command, the router will reboot using the new configuration register value of 0×2142.
Common configuration register settings and their meanings:
0×2102 The default configuration register setting. The break command is disabled, the contents of NVRAM are processed, and
the router will boot according to the commands stored in NVRAM
0×2101 The break command is disabled. The router will process the contents of NVRAM, but will boot into the RxBoot image
stored in ROM.
0×2100 The break command is disabled, and the router will boot into ROM Monitor mode.
0×2142 The break command is disabled, and the router will ignore the contents of NVRAM during the boot process.
0×2002 The break command is enabled, but otherwise the router will boot normally.
0×2142 skip NVRAM0×2102 boot to NVRAM0×1 rommon (safe mode)0×0 rom only (very limited IOSThe command to modify the configuration register value is o/r, followed by the new register value. After pressing enter, use
the command i to initialize the router. The i command reloads the router, using the new configuration register setting. In
this case, a configuration register value of 0×2102 ensures that the router will boot as per the factory default settings.
:Use this when in ROM mode only; great to change config register back to booting to NVRAM. I was stuff here awhile trying to find ROM mode only command to change config-register. Phewww! Here it is. This value 2102 changes it bakc to boot normally from NVRAM. Yeah!
>o/r 0×2102>i
If you issue the break sequence on a Cisco 2600 router, you’ll be presented with the rommon> prompt. Although the commands
from this prompt are a little different, they achieve the same result. In the example below, we’re setting the configuration
register to 0×2142, which tells the router to ignore the contents of the startup configuration file, since bit 6 has been
set. The command to change the configuration register from the rommon> prompt is confreg, followed by the new register value.
To reload the router, issue the reset command.
rommon 1>confreg 0×2142rommon 2>reset
After issuing the reset command, the router will reboot using the new configuration register value of 0×2142.
Common configuration register settings and their meanings:
0×2102 The default configuration register setting. The break command is disabled, the contents of NVRAM are processed, and
the router will boot according to the commands stored in NVRAM
0×2101 The break command is disabled. The router will process the contents of NVRAM, but will boot into the RxBoot image
stored in ROM.
0×2100 The break command is disabled, and the router will boot into ROM Monitor mode.
0×2142 The break command is disabled, and the router will ignore the contents of NVRAM during the boot process.
0×2002 The break command is enabled, but otherwise the router will boot normally.
Cisco Boot Sequence
Booting up the Router
Cisco routers can boot Cisco IOS software from these locations:
1. Flash memory2. TFTP server3. ROM (not full Cisco IOS)
There are some options which provide flexibility and fallback alternatives:Default boot sequence for Cisco IOS software:1. NVRAM2. Flash (sequential)3. TFTP server (network boot)4. ROM (partial IOS)
Note: boot system commands can be used to specify the primary IOS source and fallback sequences.
Booting up the router and locating the Cisco IOS
1. POST (power on self test)2. Bootstrap code executed3. Check Configuration Register value (NVRAM) which can be modified using the config-register command
0 = ROM Monitor mode1 = ROM IOS2 – 15 = startup-config in NVRAM
4. Startup-config file: Check for boot system commands (NVRAM)If boot system commands in startup-configa. Run boot system commands in order they appear in startup-config to locate the IOSb. [If boot system commands fail, use default fallback sequence to locate the IOS (Flash, TFTP, ROM)?]
If no boot system commands in startup-config use the default fallback sequence in locating the IOS:a. Flash (sequential)b. TFTP server (netboot)c. ROM (partial IOS) or keep retrying TFTP depending upon router model
5. If IOS is loaded, but there is no startup-config file, the router will use the default fallback sequence for locating the IOS and then it will enter setup mode or the setup dialogue.6. If no IOS can be loaded, the router will get the partial IOS version from ROM===================================================================
Default (normal) Boot Sequence
Power on Router – Router does POST – Bootstrap starts IOS load – Check configuration registerto see what mode the router should boot up in (usually 0×102 to 0×10F to look in NVRAM) – check the startup-config file in NVRAM for boot-system commands (normally there aren’t any) – load IOS from Flash.
Boot System Commands
Router(config)# boot system flash IOS filename – boot from FLASH memoryRouter(config)# boot system tftp IOS filename tftp server ip address – boot from a TFTP serverRouter(config)# boot system rom – boot from system ROM
Configuration Register Command
Router(config)# config-register 0×10x (where that last x is 0-F in hex)
When the last x is:0 = boot into ROM Monitor mode1 = boot the ROM IOS2 – 15 = look in startup config file in NVRAM
Cisco routers can boot Cisco IOS software from these locations:
1. Flash memory2. TFTP server3. ROM (not full Cisco IOS)
There are some options which provide flexibility and fallback alternatives:Default boot sequence for Cisco IOS software:1. NVRAM2. Flash (sequential)3. TFTP server (network boot)4. ROM (partial IOS)
Note: boot system commands can be used to specify the primary IOS source and fallback sequences.
Booting up the router and locating the Cisco IOS
1. POST (power on self test)2. Bootstrap code executed3. Check Configuration Register value (NVRAM) which can be modified using the config-register command
0 = ROM Monitor mode1 = ROM IOS2 – 15 = startup-config in NVRAM
4. Startup-config file: Check for boot system commands (NVRAM)If boot system commands in startup-configa. Run boot system commands in order they appear in startup-config to locate the IOSb. [If boot system commands fail, use default fallback sequence to locate the IOS (Flash, TFTP, ROM)?]
If no boot system commands in startup-config use the default fallback sequence in locating the IOS:a. Flash (sequential)b. TFTP server (netboot)c. ROM (partial IOS) or keep retrying TFTP depending upon router model
5. If IOS is loaded, but there is no startup-config file, the router will use the default fallback sequence for locating the IOS and then it will enter setup mode or the setup dialogue.6. If no IOS can be loaded, the router will get the partial IOS version from ROM===================================================================
Default (normal) Boot Sequence
Power on Router – Router does POST – Bootstrap starts IOS load – Check configuration registerto see what mode the router should boot up in (usually 0×102 to 0×10F to look in NVRAM) – check the startup-config file in NVRAM for boot-system commands (normally there aren’t any) – load IOS from Flash.
Boot System Commands
Router(config)# boot system flash IOS filename – boot from FLASH memoryRouter(config)# boot system tftp IOS filename tftp server ip address – boot from a TFTP serverRouter(config)# boot system rom – boot from system ROM
Configuration Register Command
Router(config)# config-register 0×10x (where that last x is 0-F in hex)
When the last x is:0 = boot into ROM Monitor mode1 = boot the ROM IOS2 – 15 = look in startup config file in NVRAM
Subscribe to:
Posts (Atom)