Network Troubleshooting

Sep 8 2009   9:45AM GMT

Remote Telnet useful tips!

Posted by: Yasir Irfan
Switches, Cisco, Cisco Tips, Cisco 3560, Cisco Learning, Network Troubleshooting, IOS commands, Cisco Routers, reload, Cisco Switch, Cisco Troubleshooting, Router Troubleshooting, Telnet, SSH

 

We all work remotely with Cisco routers and Switches, we often do login to do some configuration changes in the Cisco routers and Switches. What if we configured wrongly in the live Cisco routers and Switches which are located in the remote sites, we don’t enjoy the liberty of resetting the devices unless we have control over the power distribution.

 

In this scenario the “reload” command proves to be very handy and useful. Just before making any changes to the configuration we can use the “reload” command as demonstrated below

 

ITKE-Cisco#reload in ?

Delay before reload (mmm or hhh:mm)

 

ITKE-Cisco#reload in 10

 

System configuration has been modified. Save? [yes/no]: no

Building configuration…

[OK]

Reload scheduled in 10 minutes by yasir on vty0 (10.0.0.5)

Proceed with reload? [confirm]

ITKE-Cisco#

ITKE-Cisco#

 

 

***

*** — SHUTDOWN in 0:05:00 —

***

 

The above demonstrated command will reload the device in 10 minutes. After applying the “reload” command we can proceed with the configuration changes. If things go wrong and we lost connectivity

to the device, then try back after 10 minutes as the device will get reloaded with the original startup-configuration which can helps us to restore the connectivity to the device.

 

Once we are sure about the new configuration and its working properly without any hassles there is always a way  “reload cancel” command is there to cancel the reload.

 

ITKE-Cisco#reload cancel

 

I find this command to be very handy and useful especially when we have to telnet or SSH to remote Cisco router or a Switch.

Jul 27 2009   5:55AM GMT

Reset Cisco 1250 Access Point to factory default settings

Posted by: Yasir Irfan
Cisco Aironet 1250, Access Point, Access Point troubleshooting, factory default settings, Cisco Access Point reset, write erase, Cisco Access Points, Cisco Tips, Cisco Commands, troubleshooting, Network Troubleshooting, web browser interface, Static IP, default settings, Cisco, Cisco Aironet 1250 Access Point, Wireless

 

If you want to reset the Cisco Aironet 1250 Access Point to factory default settings you have to use “Write erase or erase/all nvram” command, these commands resets the Cisco Aironet 1250 Access Point to factory default settings except the static IP Configured. This feature is really helpful if you reset the Cisco Aironet 1250 Access Point accidentally. Still you will have an option to access Cisco Aironet 1250 Access Point  using a web browser interface.

Mindful thinking from Cisco.

 

 

Jul 22 2009   6:13AM GMT

Review for CCNA 640-802 Network Simulator

Posted by: Yasir Irfan
CCNA, Cisco Learning, CCNA Network Simulator, CCNA 640-802, software, CENT, CCENT, Switch Navigation, LAN Switching, IP addressing, IP Routing, Switching, WAN, STP, VLANS, Network Troubleshooting, CCNA Labs, Cisco Certifications, Cisco Press, Pearson Education, CCNA ICND2 640-816, ICDN2, ICDN1, 640-802 CCNA Exam, Real Network, Review for CCNA Network Simulator, CCNA 640-802 Network Simulator

 

If you are preparing for the CCNA 640-802 Certification exam and you are not willing to invest on hardware to setup you own lab, then the CCNA 640-802 Network Simulator released recently by Cisco Press  is the right Simulator for you.

The CCNA 640-802 Network Simulator  is a state of the art, interactive simulation software, which allows you to practice your networking skills with more than 250 labs, specifically designed strengthen CCNA and CCENT exam topics, including router and switch navigation and administration, LAN switching, IP addressing, routing, WANs, Spanning Tree Protocols,  VLANs and trunking, IP routing protocols, scaling IP, and troubleshooting.

 

The CCNA 640-802 Network Simulator will surely allow you to discover the realistic network device response as you work through each of the labs developed by the bestselling author and an expert instructor Wendell Odom.

 

 

  Continued »

Dec 2 2008   7:30AM GMT

How to configure SPAN(Switched Port Analyzer ) feature in a Cisco Catalyst Switch

Posted by: Yasir Irfan
Switches, Cisco, Switching, Cisco IOS, Wireshark, Cisco 2960, Cisco 2950, Cisco 6500, Cisco Tips, Cisco 3560, Cisco 3745, Cisco Learning, Cisco 3750-E, Cisco 3560-E, Network Troubleshooting, Show commands, Cisco 6500 Series Catalyst Switch, Cisco 6503, Cisco Catalyst 6503-E Switch, Cisco Catalyst 6506-E Switch, Cisco Catalyst 6509-V-E Switch, Cisco Catalyst 6509-E Switch, Cisco Catalyst 6513 Switch, SPAN, Sniifer

It’s quite important for Network Engineers and an essential network troubleshooting technique to utilize the ability of Cisco Catalyst Switches to mirror the traffic and send it to a sniffer for analysis. All Cisco Catalyst Switches support the Switched Port Analyzer (SPAN) feature. The SPAN copies traffic from the specified interface or VLANs and mirrors this traffic to a specified destination interface (SPAN interface).  Then you can connect the PC with a sniffing tool (Wireshark) installed on the destination SPAN interface to capture all the mirrored traffic.Let’s see how to configure the SPAN in Cisco Catalyst Switches.  To enable the switch SPAN mirroring feature configure the following on the catalyst switch: Configuration Example - Monitoring traffic from a specific interfaceITKEAS01#configure tITKEAS01(config) monitor session 1 source interface gigabitEthernet 0/5

ITKEAS01(config)#monitor session 1 destination interface gigabitEthernet 0/10 

The  above configuration will capture all traffic from interface gigabitEthernet 0/5  and send it to SPAN port interface gigabitEthernet 0/10 

Configuration Example - Monitoring an entire VLAN traffic
ITKEAS01(config)#monitor session 1 source vlan 100
ITKEAS01(config) monitor session 1 destination interface gigabitEthernet 0/10 The  above configuration will capture all traffic of VLAN 100 and send it to SPAN port interface gigabitEthernet 0/10

Use  show monitor session 1 to verify your configuration.

Nov 17 2008   5:16AM GMT

In which slot shall we install the Supervisor Engine in Cisco 6500 Series Catalyst Switches -Series2

Posted by: Yasir Irfan
Switches, Cisco, Switching, Routing and Switching, Cisco 6500, Cisco Tips, Network Troubleshooting, Cisco Systems, Cisco 6500 Series Catalyst Switch, Cisco Catalyst 6506-E Switch, SUP720, Supervisor Engine

Dear Friends in one of my previous post I did explained in which slot the Supervisor Engine SUP720  to be installed in a Cisco 6500 Series Switches. Now let’s proceed further and figure out in a Cisco Catalyst 6506-E Switch, in a Cisco Catalyst 6506-E Switch the  Supervisor Engine SUP720 is either installed in slot 5 or 6.

Nov 12 2008   12:56PM GMT

Solution for %IP-4-DUPADDR: Duplicate address error log in your Cisco 6500 Switches running HSRP

Posted by: Yasir Irfan
Switches, Cisco, Switching, Routing and Switching, Cisco IOS, WebEx, Hot Standby Router Protocol, HSRP, Cisco 6500, Cisco Tips, Cisco Learning, Network Troubleshooting, Cisco Systems, Cisco 6500 Series Catalyst Switch, Cisco Catalyst 6513 Switch, Cisco Support, TAC

Dear Friends In my previous post I was talking about the HSRP error generated in Cisco 6513 Switches with a Duplicate IP Address. I did open a TAC case with Cisco Systems. I should first of all salute Cisco for the great support to solve this issue.  Cisco TAC Engineer Mr. Pradeep was in constant touch with me in this case to resolve the issue. The best part of their support is the use of technology. Mr. Pradeep initiated a Web Ex meeting with me and spent more than hour to check step by step.  He helped me a lot and did learned lot of things from Cisco TAC team, like how to approach the problem and what measures should be taken to trouble shoot any problem. Finally we came to the conclusion there are no bugs or errors in the IOS we are using. There are no problems either in hardware or in the current configuration.I would like to quote the solution provided Mr. Pradeep TAC Engineer, Cisco Systems “Let me summarize this issue. You told me that there is one Trojan affected PC/ Host, which is connected to your access switch. Further, you got some duplicate IP address messages on your core switch. During troubleshooting, I have checked and verified that the Cisco’s Switches are working fine. Their configurations were correct. Generally duplicate IP addresses can be impounded by “broken HSRP links” or “incorrect DHCP pool configuration”, or by misconfiguration of switches or STP. I found that this entire setup is configured correctly. Furthermore, I would like to inform you that Cisco’s IOS cannot resolve Trojan issue on any PC. PC has got its own Operating System, and IOS can work only and only on “Cisco’s device”

 So now it’s quite clear if you face this kind of problem make sure the infected PC is removed from the network and make sure it s free from any sort of Trojans or Virus.

Nov 9 2008   6:51AM GMT

Don’t panic whenever you see %IP-4-DUPADDR: Duplicate address error log in your Cisco 6500 Switches running HSRP

Posted by: Yasir Irfan
Networking, Switches, Cisco, Switching, Routing and Switching, Hot Standby Router Protocol, HSRP, Cisco 6500, Cisco Tips, Network Troubleshooting, Trojan, Cisco Systems, Cisco 6500 Series Catalyst Switch, Cisco 6503, Cisco Catalyst 6503-E Switch, Cisco Catalyst 6506-E Switch, Cisco Catalyst 6509-V-E Switch, Cisco Catalyst 6509-E Switch, Cisco Catalyst 6513 Switch

If you are running HSRP and one of your VLAN is down and the following errors are generated in your Switch don’t panic. All this happens due the Trojans in the network.

MBGF-DAC-6500-BB01#sho log

Nov  9 07:54:21: %IP-4-DUPADDR: Duplicate address 10.12.0.2 on Vlan106, sourced by 000f.fe0a.1fbc

Nov  9 07:54:52: %IP-4-DUPADDR: Duplicate address 10.12.0.2 on Vlan106, sourced by 000f.fe0a.1fbc

Nov  9 07:55:22: %IP-4-DUPADDR: Duplicate address 10.12.0.2 on Vlan106, sourced by 000f.fe0a.1fbc

Nov  9 07:55:52: %IP-4-DUPADDR: Duplicate address 10.12.0.2 on Vlan106, sourced by 000f.fe0a.1fbc

Nov  9 07:56:11: %SEC-6-IPACCESSLOGS: list 12 permitted 10.0.0.1 256 packets

Nov  9 07:56:22: %IP-4-DUPADDR: Duplicate address 10.12.0.2 on Vlan106, sourced by 000f.fe0a.1fbc

Nov  9 07:56:52: %IP-4-DUPADDR: Duplicate address 10.12.0.1 on Vlan106, sourced by 000f.fe0a.1fbc

Nov  9 07:57:11: %SEC-6-IPACCESSLOGS: list 12 permitted 10.0.0.2 263 packets

Nov  9 07:57:11: %SEC-6-IPACCESSLOGS: list 12 permitted 10.0.0.7 200 packets

Nov  9 07:57:22: %IP-4-DUPADDR: Duplicate address 10.12.0.1 on Vlan106, sourced by 000f.fe0a.1fbc

Nov  9 07:57:52: %IP-4-DUPADDR: Duplicate address 10.12.0.2 on Vlan106, sourced by 000f.fe0a.1fbc

MBGF-DAC-6500-BB01#

Last week at 3 A.M I received a call from our Help Desk, stating our applications are not running in one our departments. I logged remotely to our Network and try figured out what is problem. Upon carefully looking at the logs in our Cisco 6513 core Switches I figured out a duplicate IP address is created which happens to be the Standby IP address for the Core Switch for HSRP.

I figured out the PC by looking the at mac address generated in the log and closed the network connection for that particular PC and the problem was solved.

If you face similar problems its better to change the HSRP Standby IP address in Core Switches and then try figure out the infected PC. Once the PC is figured out close the network connection and make sure the Trojans are removed. Upon cleaning the infected PC you can reconfigure the HSRP Standby IP address to the previous one.

Once I get the complete solution to fix this problem I will post it.

Oct 6 2008   7:34AM GMT

Things to be considered before upgrading an IOS in a Cisco 6500 Series Switch with SUP720- Series 3

Posted by: Yasir Irfan
Networking, Switches, Cisco IOS, Cisco 6500, Cisco Tips, Network Troubleshooting, Redundency, IOS commands, IOS Upgrade, Cico 6500 IOS Upgarde, Cisco 6500 Power Supply, Redundent Power Supply

In the second series I  was talking about the Compact flash memory, now let’s proceed further, one more key thing you must consider before starting an IOS upgrade for a Cisco Catalyst 6513 Switch with Supervisor Engine SUP720 is the redundant power supply.  Make sure the Cisco Catalyst 6513 Switch is installed with the redundant power supply and they are connected to two different power sources.  Suppose one power source fails then the other source can take care of the Cisco Catalyst 6513 Switch while the IOS upgrade is going on.

Sep 29 2008   12:26AM GMT

Things to be considered before upgrading an IOS in a Cisco 6500 Series Switch with SUP720- Series 1

Posted by: Yasir Irfan
Networking, Switches, Cisco, DataCenter, Cisco IOS, TFTP Server, Cisco 6500, Cisco Tips, Cisco Learning, Network Troubleshooting, IOS Upgrade, 3Com TFTP, SolarWinds, PacketTrap TFTP, PacketTrap pt360

Today I successfully upgraded the IOS for a Cisco Catalyst 6513 Switch with Supervisor Engine SUP720. Couple of years I faced some problems while I was upgrading the IOS for Catalyst 6513 Switch. In this series I will try to focus on the things to be considered before upgrading an IOS in Cisco Catalyst 6513 Switch.

First and foremost is the TFTP server. The main problem you face is the file size limitations with the TFTP servers. Most of the TFTP servers won’t support more than 30 MB of IOS file to transfer. At that time I was using Solar Winds TFTP server which is an excellent software but cannot support more than 30 MB. The IOS transfer failed exactly after 30 MB of transfer. I was worried what might be the problem, after careful observation I figured out the problem lies with the Solar Winds TFTP server .Then I tried Cisco’s old TFTP server but the same problem. Later on I figured out TFTP server can support more than 30 MB of file transfer.

Hence after changing to 3Coms 3CDaemon Server  &  PacketTrap pt360 Tool Suite FREE edition I could able to transfer the IOS files more than 30 MB. So the main point is to make sure your TFTP server can support more than 30 MB of file transfer as always the image file for Cisco Catalyst 6513 Switch is more than 30 MB in size. Presonally I would recommend the TFTP server from PacketTRAP pt360  Tool Suite

Things to be considered for IOS upgrade series 2 

Aug 30 2008   5:16AM GMT

A cool tool to solve layer 1 UTP cable issues in Cisco Catalyst Switches.

Posted by: Yasir Irfan
Switches, Cisco, Cisco Tips, Cisco 3560, Cisco Learning, Cisco 3750-E, Cisco 3560-E, Network Troubleshooting, IOS commands, Layer 1 issues

Here is a simple and cool tool for solving layer 1 UTP cable issues in a Cisco Catalyst Switches, the command used for this function is “test cable-diagnostics tdr interface”
Here is the example

MBGF-DAC-3560-AS01#test cable-diagnostics tdr interface gigabitEthernet 0/1
TDR test started on interface Gi0/1
A TDR test can take a few seconds to run on an interface
Use ’show cable-diagnostics tdr’ to read the TDR results.
MBGF-DAC-3560-AS01#
The Catalyst 2960, 2970, 3560/3560-E, and 3750/3750-E switches have an integrated Time Domain Reflector (TDR), which is used to test cables associated with a port. TDR is supported only on 10/100/1000 and some 10/100 (Catalyst 2960) copper Ethernet ports. It is not supported on 10 GigabitEthernet or SFP module ports.

A TDR test can take a few seconds to run on an interface. Use “show cable-diagnostics tdr” to read the TDR results.

MBGF-DAC-3560-AS01#sho cable-diagnostics tdr interface gigabitEthernet 0/1
TDR test last run on: August 30 08:01:35

Interface Speed Local pair Pair length        Remote pair Pair status
——— —– ———- —————— ———– ——————–
Gi0/1     1000M Pair A     54   +/- 4  meters Pair A      Normal             
                Pair B     52   +/- 4  meters Pair B      Normal             
                Pair C     53   +/- 4  meters Pair C      Normal             
                Pair D     54   +/- 4  meters Pair D      Normal             
MBGF-DAC-3560-AS01#