Switch Troubleshooting Commands
| Some command-line interface commands are available that can aid you in troubleshooting a switch. Likewise, a few GUI applications are available that you can use to simplify some of the functions of maintaining and configuring the Cisco IOS. These helpful applications are discussed later in this chapter. This section looks at some of the commands that you can use to view the switch configuration and perform diagnostics to troubleshoot switch problems and configuration issues. Throughout this section I will first show you the output of each command from a Cisco 5000 series switch. Whenever possible the similar command and output used on the Cisco 4500 series switch will follow. Let's look at the following troubleshooting commands that can be used on the Cisco 5000:
show cam CommandProblems occur when network devices are configured with identical MAC addresses on more than one interface of a switch. When this happens, particularly in the same broadcast domain, it can become a major problem in your network. Imagine ARP trying to resolve an IP address to a MAC address and getting more than one response. Using the show cam command, you can view the list of known MAC addresses for interfaces attached to each switch port. Many dual- homed Unix workstations, such as those from Sun Microsystems, come with the same MAC address manually assigned on all the installed interfaces. This leaves the door wide open for a duplicate MAC address in the local network, preventing communication.
The following is an example of the output resulting from using the show cam command: Catalyst5002> (enable) show cam ? Usage: show cam [count] <dynamicstaticpermanentsystem> [vlan] show cam <dynamicstaticpermanent> <mod_num/port_num> show cam <mac_addr> [vlan] show cam agingtime Catalyst5002> (enable) show cam dynamic 2 VLAN Dest MAC/Route Des Destination Ports or VCs 2 00-30-19-4C-80-A6 2/4 2 00-30-19-4C-80-A8 2/18 2 00-30-19-4C-80-A6 2/15 2 00-30-19-4C-80-A6 2/12 2 00-30-19-4C-80-BC 2/9 2 00-30-19-4C-80-3F 2/10 2 00-30-19-4C-80-D4 2/6 2 00-30-19-4C-80-B3 2/7 2 00-30-19-4C-80-A2 2/2 2 00-80-00-00-12-D0 2/22 2 00-30-19-4C-80-C4 2/1 2 00-30-19-4C-80-3B 2/23 Total Matching CAM Entries Displayed = 12 Let's view similar information using the show mac-address-table command on a Cisco 4506 that uses the Cisco CLI IOS as shown below: 4506# show mac-address-table Unicast Entries vlan mac address type protocols port -------+---------------+--------+---------------------+-------------------- 1 000c.3032.8f7f static ip,ipx,assigned,other Switch 1 000c.30fb.7300 dynamic ip,other FastEthernet6/48 1 0030.f10e.504f dynamic ip FastEthernet3/1 Multicast Entries vlan mac address type ports -------+---------------+-------+------------------------------------------- 1 ffff.ffff.ffff static Switch,Fa3/1,Fa6/48 4506# Both of the commands in the output above show the MAC address of the host attached to each port listed in the output. They also show the protocols that are being used by the hosts attached to the switch. show cdp CommandCisco Discovery Protocol is a Cisco proprietary protocol used to discover neighboring Cisco devices. The show cdp command displays the hardware, IOS version, active interfaces, and much more. This information is passed between Cisco devices through CDP packets sent between Cisco devices on physical media that supports SNAP. CDP packets are multicast packets that are advertised by the Cisco router or switches but not forwarded. This protocol is available on Cisco IOS version IOS 10.3 and later. The show cdp command has two syntaxes. The following code shows the command and the output from the two available syntaxes: DCSCatalyst5000>(enable) show cdp ? neighbors Show CDP neighbors info port Show CDP port info <cr> Now let's take a look at the show cdp command: DCSCatalyst5000>(enable) show cdp CDP : enabled Message Interval : 60 Hold Time : 180 Version : V2 DCSCatalyst5000>(enable) DCSCatalyst5000>(enable) show cdp neighbors * - indicates vlan mismatch. # - indicates duplex mismatch. Port Device-ID Port-ID Platform ---- --------- ------- -------- 2/24 Router FastEthernet0# cisco 1750 DCSCatalyst5000>(enable) show cdp port 2/24 CDP : enabled Message Interval : 60 Hold Time : 180 Version : V2 Port CDP Status ---- ---------- 2/24 enabled DCSCatalyst5000>(enable) Let's view the show cdp neighbors command from the Cisco 4506 switch using the Cisco CLI shown below: 4506# show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID DCSRTR Fas 6/48 137 R S 3725 Fas 0/0 4506# show config CommandThe show config command displays the entire configuration of the switch and its modules except for the installed ATM modules. Of course, the internal route processors are separate entities and store their own configurations, so those modules are not included in the output. The accumulation of all the information from these components provides a large amount of troubleshooting information. The output from this includes the configured passwords, system information, protocol settings, interface configurations, and system log settings. The following is an example of the show config command and its output: Catalyst5002> (enable) show config ..... begin ! set password $hgjhru^jf#sdc set enablepass $hgjhru$fhkn set prompt Catlayst5002 set length 24 default set logout 0 set banner motd 'Unauthorized Use Prohibited!' ! #system set system baud 9600 set system modem disable set system name Catalyst5002 set system location Sacramento, CA set system contact Sean Odom ! #snmp set snmp community read-only public set snmp community read-write private set snmp community read-write-all all set snmp rmon disable set snmp trap enable module set snmp trap enable chassis set snmp trap enable bridge set snmp trap enable repeater set snmp trap enable vtp set snmp trap enable auth set snmp trap enable ippermit set snmp trap enable vmps ! #ip set interface sc0 2 68.127.186.100 255.255.255.0 68.127.186.255 set interface sl0 0.0.0.0 0.0.0.0 set arp agingtime 1200 set ip redirect enable set ip unreachable enable set ip fragmentation enable set ip route 0.0.0.0 68.127.186.254 0 set ip alias default 0.0.0.0 <OUTPUT CUT> Just like on the Cisco CLI IOS based routers the show running-config command displays the configuration of the Cisco 4500 series switch. Let's take a look at the output from a Cisco 4506 switch: 4506# show running-config Building configuration... Current configuration : 6996 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption service compress-config ! hostname 4506 ! boot system flash bootflash:cat4000-is-mz.121-13.EW.bin enable password g0 ! ip subnet-zero ip domain-name DigitalCrawlSpaces.com ! spanning-tree extend system-id ! interface GigabitEthernet1/1 ! interface GigabitEthernet1/2 ! interface GigabitEthernet2/1 ! interface GigabitEthernet2/2 ! interface GigabitEthernet2/3 ! interface GigabitEthernet2/4 ! interface GigabitEthernet2/5 ! interface GigabitEthernet2/6 ! interface GigabitEthernet2/7 ! interface GigabitEthernet2/8 ! interface GigabitEthernet2/9 ! interface GigabitEthernet2/10 ! interface GigabitEthernet2/11 ! interface GigabitEthernet2/12 ! interface GigabitEthernet2/13 ! interface GigabitEthernet2/14 ! interface GigabitEthernet2/15 ! interface GigabitEthernet2/16 ! interface GigabitEthernet2/17 ! interface GigabitEthernet2/18 ! interface GigabitEthernet2/19 ! interface GigabitEthernet2/20 ! interface GigabitEthernet2/21 ! interface GigabitEthernet2/22 ! interface GigabitEthernet2/23 ! interface GigabitEthernet2/24 ! interface Vlan1 ip address 10.1.2.55 255.255.0.0 ip rip send version 1 ip rip receive version 1 ! ip default-gateway 10.1.1.1 ip classless no ip http server ! line con 0 stopbits 1 line vty 0 5 password g0 login ! end 4506# The above shows the configuration of the Cisco 4506 switch we are using for this chapter. show flash and show platform CommandsThe Cisco 5000 IOS uses a Set/Clear “based command set that is different from the IOS found on Cisco routers. The IOS is stored in the flash memory stored on the Supervisor Engine module. The show flash command reports the space required for the installed software and the version of code. This includes the file names , date installed, time installed, and file sizes. The following is an example of output from installing a brand-new Supervisor Engine 3 module and software in a switch: DCSCatalyst5000>(enable) show flash -#- ED --type-- --crc--- -seek- nlen -length- ------date/time----- name 1 .. ffffffff d45a43c9 4eae44 22 4894147 Aug 09 2000 14:09:25 cat5000-sup3.5-5-2.bin 2707900 bytes available (4894276 bytes used) DCSCatalyst5000>(enable) On the Cisco 4506 switch using the Supervisor Engine 4 module and software you use show platform nvramenv , which displays similar information: 4506# show platform nvramenv PS1="rommon ! >" ConfigReg="0x2102" RET_2_RTS="10:08:11 UTC Sun Mar 24 2002" BOOT="bootflash:cat4000-is-mz.121-13.EW.bin,1" RommonVer="12.1(12r)EW" BootedFileName="bootflash:cat4000-is-mz.121-13.EW.bin" SkipDiags="0" BootStatus="Success" BSI="0" RET_2_RUTC="" The following lists other syntaxes of the show platform command that might be useful for troubleshooting: 4506# show platform ? chassis show platform chassis debug state cpu show CPU related information crashdump show most recent crashdump hardware show platform hardware debug state health show platform statistics gauging health of the system logfeatures show enabled debugging log features memory show SDRAM or hardware registers nvramenv show nvram environment variables portmap show internal port mapping of an interface software show platform software debug state The above output shows the many syntaxes available for the show platform command. show interface CommandThe show interface command can be used to get the IP configuration of the Supervisor Engine module. The VLAN information shown is for the management VLAN for the SC0 interface. This is the interface assigned to the default Supervisor Engine used for configuring the IP information for the switch, as well as the broadcast address. The following is the output: Catalyst5002> (enable) show interface sl0: flags=51<UP,POINTOPOINT,RUNNING> slip 0.0.0.0 dest 0.0.0.0 sc0: flags=63<UP,BROADCAST,RUNNING> vlan 1 inet 68.127.187.1 netmask 255.255.255.0 broadcast 68.127.187.255 The command on the Cisco 4500 series is the same as the Cisco 5000; however, the output looks quite different, and similar to that on a Cisco CLI-based router. Here is the output of the VLAN 1 interface, a Gigabit Ethernet Interface, and then a Fast Ethernet Interface: 4506# show interface Vlan1 is up, line protocol is up Hardware is Ethernet SVI, address is 000c.3032.8f7f (bia 000c.3032.8f7f) Internet address is 10.1.2.55/16 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec L3 in Switched: ucast: 2842 pkt, 131721 bytes - mcast: 0 pkt, 0 bytes L3 out Switched: ucast: 0 pkt, 0 bytes - mcast: 0 pkt, 0 bytes 2842 packets input, 131721 bytes, 0 no buffer Received 16614 broadcasts (0 IP multicast) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 interface resets 0 output buffer failures, 0 output buffers swapped out GigabitEthernet1/1 is up, line protocol is down (notconnect) Hardware is Gigabit Ethernet Port, address is 000c.3032.8f40 (bia 000c.3032.8f40) MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Auto-duplex, Auto-speed input flow-control is off, output flow-control is off ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts (0 multicast) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out FastEthernet3/1 is up, line protocol is up (connected) Hardware is Fast Ethernet Port, address is 000b.fd07.3030 (bia 000b.fd07.3030) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s input flow-control is off, output flow-control is off ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 1000 bits/sec, 2 packets/sec 5 minute output rate 2000 bits/sec, 2 packets/sec 27978 packets input, 2263913 bytes, 0 no buffer Received 4090 broadcasts (0 multicast) 0 runts, 0 giants, 0 throttles 29 input errors, 5 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 340648 packets output, 27974911 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 1 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out The above output displays the current state of each of the interfaces on the switch. It displays the speed, duplex, the current line status, current protocol status, received packet statistics, and sent packet statistics. show log CommandUsing the show log command, you can look at the significant events. An example of the output for this command follows : DCSCatalyst5000>(enable) show log Network Management Processor (ACTIVE NMP) Log: Reset count: 30 Re-boot History: Aug 09 2000 14:26:18 0, Aug 09 2000 14:18:51 0 Aug 09 2000 13:44:30 0, Aug 09 2000 12:12: 8 0 Jul 07 2000 13: 5:32 0, Jul 07 2000 12:22:38 0 Jun 16 2000 16:53:25 0, Jun 16 2000 16: 7:48 0 Jun 16 2000 15:19:11 0, Jun 16 2000 12:17:32 0 Bootrom Checksum Failures: 0 UART Failures: 0 Flash Checksum Failures: 0 Flash Program Failures: 0 Power Supply 1 Failures: 23 Power Supply 2 Failures: 17 DRAM Failures: 0 Exceptions: 0 Loaded NMP version: 5.5(2) Reload same NMP version count: 1 Last software reset by user: 8/9/2000,14:25:15 MCP Exceptions/Hang: 0 Heap Memory Log: Corrupted Block = none NVRAM log: 01. 2/27/2000,15:28:39: updateRuntimeWithNVRAM:Redundancy switch over: 2 02. 1/14/1999,15:36:45: updateRuntimeWithNVRAM:Redundancy switch over: 2 03. 6/16/2000,12:18:16: updateRuntimeWithNVRAM:Redundancy switch over: 2 04. 6/16/2000,16:57:26: updateRuntimeWithNVRAM:Redundancy switch over: 2 05. 8/9/2000,14:21:41: convert_post_SAC_CiscoMIB:Block 0 converted from version 6 to 11 06. 8/9/2000,14:22:17: supVersion:Nmp version 5.5(2.0) Module 2 Log: Reset Count: 2 Reset History: Wed Aug 9 2000, 14:26:58 Wed Aug 9 2000, 14:22:40 Module 3 Log: Reset Count: 2 Reset History: Wed Aug 9 2000, 14:26:50 Wed Aug 9 2000, 14:22:32 02. 1/14/1999,15:36:45: updateRuntimeWithNVRAM:Redundancy switch over: 2 03. 6/16/2000,12:18:16: updateRuntimeWithNVRAM:Redundancy switch over: 2 04. 6/16/2000,16:57:26: updateRuntimeWithNVRAM:Redundancy switch over: 2 05. 8/9/2000,14:21:41: convert_post_SAC_CiscoMIB:Block 0 converted from version 6 to 11 06. 8/9/2000,14:22:17: supVersion:Nmp version 5.5(2.0) Module 2 Log: Reset Count: 2 Reset History: Wed Aug 9 2000, 14:26:58 Wed Aug 9 2000, 14:22:40 Module 3 Log: Reset Count: 2 Reset History: Wed Aug 9 2000, 14:26:50 Wed Aug 9 2000, 14:22:32 Module 5 Log: Reset Count: 2 Reset History: Wed Aug 9 2000, 14:27:13 Wed Aug 9 2000, 14:23:17 DCSCatalyst5000>(enable)
In the preceding output you see some helpful troubleshooting information, including the number of reboots of all the modules, traps, logged events, and power-supply failures. The command for the 4500 series switch is the same as the Cisco 5000 series switches. The following output shows the command used on the Cisco 4506. Notice that the output indicates that the device connected to Module 6 port 48 is experiencing a duplex misconfiguration problem where one end of the link is configured to half-duplex and the switch is configured for full-duplex: 4506# show log Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns) Console logging: level debugging, 303 messages logged Monitor logging: level debugging, 0 messages logged Buffer logging: level debugging, 303 messages logged Exception Logging: size (8192 bytes) Trap logging: level informational, 308 message lines logged Log Buffer (4096 bytes): PADDR: Duplicate address 10.1.2.55 on Vlan1, sourced by 0006.2541.d799 04:33:26: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet6/48,(not full duplex), with DCSRTR FastEthernet0/0(full duplex). 05:01:04: %SYS-5-CONFIG_I: Configured from console by vty0 (10.1.2.25) 6d03h: %SYS-5-CONFIG_I: Configured from console by vty0 (10.1.5.0) 4506# show mac CommandThe output for this command is quite long, but it's very informative of the state of the switch ports. By using this command, you can display numerous counters that are maintained during normal operation on all the switch ports. DCSCatalyst5000>(enable) show mac 2/24 Port Rcv-Unicast Rcv-Multicast Rcv-Broadcast ---- ----------- ------------- ------------- 2/24 71050 6221 166 Port Xmit-Unicast Xmit-Multicast Xmit-Broadcast ---- ----------- ------------- ------------- 2/24 69874 213965 1 Port Rcv-Octet Xmit-Octet ---- ----------- ---------- 2/24 7245197 20334845 MAC Dely-Exced MTU-Exced In-Discard Lrn-Discrd In-Lost Out-Lost --- ---------- --------- ---------- ---------- ------- -------- 2/24 0 0 0 0 0 0 Last-Time-Cleared Wed Jun 4 2003, 11:25:20 DCSCatalyst5000>(enable) You will notice from the preceding output that the counter information includes information on the traffic for each port, the number of incoming frames, the number of frame discards, the total number of frames sent, and the maximum transmission unit (MTU) violations. show module CommandThis command displays the modules located inside the switch chassis, or each individual module, by identifying a module number. The following is an example of output from using the show module command on a Cisco Catalyst 5000 switch: DCSCatalyst5000>(enable) show module Mod Slot Ports Module-Type Model Sub Status --- ---- ----- ----------- ----- --- ------ 1 1 0 Supervisor III WS-X5530 yes ok 2 2 24 10/100BaseTX Ethernet WS-X5225R no ok 3 3 12 100BaseFX MM Ethernet WS-X5111 no ok 5 5 1 Network Analysis/RMON WS-X5380 no ok Mod Module-Name Serial-Num --- ----------- ---------- 1 00011454261 2 00013426578 3 00003975931 5 00012148595 Mod MAC-Address(es) Hw Fw Sw --- --------------- -- -- -- 1 00-50-bd-a0-b0-00 to 00-50-bd-a0-b3-ff 2.0 3.1.2 5.5(2) 2 00-d0-06-a1-de-a8 to 00-d0-06-a1-de-bf 3.3 4.3(1) 5.5(2) 3 00-60-5c-21-b5-24 to 00-60-5c-21-b5-2f 1.0 1.3 5.5(2) 5 00-60-09-ff-77-5c 1.1 4.3.2 4.3(1a) Mod Sub-Type Sub-Model Sub-Serial Sub-Hw --- -------- --------- ---------- ------ Mod Slot Ports Module-Type Model Sub Status --- ---- ----- ----------- ----- --- ------ 1 1 0 Supervisor III WS-X5530 yes ok 2 2 24 10/100BaseTX Ethernet WS-X5225R no ok 3 3 12 100BaseFX MM Ethernet WS-X5111 no ok 5 5 1 Network Analysis/RMON WS-X5380 no ok Mod Module-Name Serial-Num --- ----------- ---------- 1 00011454261 2 00013426578 3 00003975931 5 00012148595 Mod MAC-Address(es) Hw Fw Sw --- --------------- -- -- -- 1 00-50-bd-a0-b0-00 to 00-50-bd-a0-b3-ff 2.0 3.1.2 5.5(2) 2 00-d0-06-a1-de-a8 to 00-d0-06-a1-de-bf 3.3 4.3(1) 5.5(2) 3 00-60-5c-21-b5-24 to 00-60-5c-21-b5-2f 1.0 1.3 5.5(2) 5 00-60-09-ff-77-5c 1.1 4.3.2 4.3(1a) Mod Sub-Type Sub-Model Sub-Serial Sub-Hw --- -------- --------- ---------- ------ 1 NFFC WS-F5521 0011455134 1.1 DCSCatalyst5000>(enable) The command on the Cisco CLI IOS is the same and the outputs are similar as shown below: 4506# show module Mod Ports Card Type Model Serial No. -------+------------------------------------+-----------------+----------- 1 2 1000BaseX (GBIC) Supervisor(active) WS-X4515 JAB071105ME 2 24 10/100/1000BaseTX (RJ45) WS-X4424-GB-RJ45 JAB070905V4 3 48 10/100BaseTX (RJ45)V WS-X4148-RJ45V JAE0650023U 4 48 10/100BaseTX (RJ45) WS-X4148-RJ JAE065206JY 5 48 10/100BaseTX (RJ45) WS-X4148-RJ JAE0652061R 6 48 10/100BaseTX (RJ45) WS-X4148-RJ JAE065205J2 M MAC addresses Hw Fw Sw Status --+--------------------------------+---+-----------+--------------+--------- 1 000c.3032.8f40 to 000c.3032.8f41 1.2 12.1(12r)EW 12.1(13)EW, EARL Ok 2 000a.f413.bb10 to 000a.f413.bb27 1.5 Ok 3 000b.fd07.3030 to 000b.fd07.305f 2.6 Ok 4 000b.5f25.f330 to 000b.5f25.f35f 3.1 Ok 5 000b.5f45.e8a0 to 000b.5f45.e8cf 3.1 Ok 6 000b.5f46.c7a0 to 000b.5f46.c7cf 3.1 Ok 4506# The preceding output is great for seeing the modules installed on the switch, their serial numbers , MAC addresses assigned, the hardware type, MAC address assigned, and the current status of all the modules installed in the switch. Now, look at the module in slot 3 using the show module command followed by the slot number: 4506# show module 1 Mod Ports Card Type Model Serial No. ----+-----+--------------------------------------+------------+----------- 1 2 1000BaseX (GBIC) Supervisor(active) WS-X4515 JAB071105ME M MAC addresses Hw Fw Sw Status --+--------------------------------+---+------------+-----------+--------- 1 000c.3032.8f40 to 000c.3032.8f41 1.2 12.1(12r)EW 12.1(13)EW, EARL Ok 4506# The preceding output narrows the information from the show modules command to a single module. show port CommandWith the show port command, you can obtain specific information about a single port or all the ports on a specified module. The show port command output for module 2, port 1 follows: DCSCatalyst5000>(enable) show port 2/1 Port Name Status Vlan Level Duplex Speed Type ---- ---- ------ ---- ----- ------ ----- ---- 2/1 Port1 normal 2 normal full 100 10/100BaseTX Port Security Secure-Src-Addr Last-Src-Addr Shutdown Trap ---- -------- --------------- ------------- -------- ---- 2/1 enabled 0090.80a3.32a0 0090.80a3.32a0 No disabled Port Broadcast-Limit Broadcast-Drop ---- --------------- -------------- 2/1 - - Port Status Channel Channel Neighbor Neighbor Mode status device port ---- ------ ------- ------- -------- -------- 2/1 connected on not channel Port Align-Err FCS-Err Xmit-Err Rcv-Err UnderSize ---- --------- ------- -------- ------- --------- 2/1 0 0 6 0 0 Port Single-Col Multi-Coll Late-Coll Excess-Col Carri-Sen Runts Giants ---- ---------- ---------- --------- ---------- --------- ----- ------ 2/1 3442 603 0 0 0 1 0 Last-Time-Cleared Wed Aug 9 2000, 14:26:21 Other show port command syntaxes can be used to troubleshoot port and port-related protocol issues. The following is output of the available syntaxes for the show port command: DCSCatalyst5000>(enable) show port ? auxiliaryvlan Show port auxiliary vlan information broadcast Show port broadcast information cdp Show port CDP information capabilities Show port capabilities channel Show port channel information counters Show port counters fddi Show port FDDI information flowcontrol Show port traffic flowcontrol filter Show Token Ring port filtering information ifindex Show port IfIndex information mac Show port MAC counters negotiation Show port flowcontrol negotiation protocol Show port protocol membership qos Show port QoS information security Show port security information spantree Show port spantree information status Show port status trap Show port trap information trunk Show port trunk information <mod> Module number <mod/port> Module number and Port number(s) <cr> The preceding output shows the syntaxes for the show port command on the Catalyst 5000 switch. show spantree CommandThis command can be used to display the Spanning Tree Protocol ( STP ) configuration, which is a significant protocol in today's redundant-link networks. STP is used to calculate loop-free Layer 2 data paths through the network, and, at the same time, provide for redundant paths. The output from this command can provide information about whether STP is enabled or disabled, the bridge or port priorities, the root bridge priorities, the path cost to the root, the BPDU (Bridge Protocol Data Unit), the bridge MAC address, the timer, the port states, and the fast-start configuration of each port.
Having more than one path through the network can cause major problems. Data leaving on one port of the switch comes right back to the switch on another port. If this data is a broadcast, can you imagine how many times it would be rebroadcast? The numbers could become astronomical, including a worst case scenario of the broadcasts using all the bandwidth, in an event called a broadcast storm . STP uses timers and a broadcast packet called a Bridge Protocol Data Unit (BPDU) to verify that there are no loops in the network. It transitions through several configured STP timers. First the FwdDelay timer, then the MaxAge timer and then the FwdDelay timer is used again. Convergence is the time that STP members take to begin transmitting data on a redundant link after a link in forwarding mode has failed. It is also the initial period between the time when an STP port powers up and when the port is placed in forwarding mode, meaning the link is up and functioning. During the convergence time, no data is forwarded. By default, the MaxAge timer is set to 20 seconds and the FwdDelay timer is 30 seconds. The FwdDelay is used by both the listening and learning states. You can adjust FwdDelay and MaxAge; however, doing so may cause a data loop temporarily in more complex networks. Using the following example, the downtime could be as high as 50 seconds using the following calculations: 2 x FwdDelay + MaxAge = Down Time For example, using the defaults 2 x 15 + 20 = 50 seconds STP transitions each port through four port states in a designated order before the port can forward frames. These states are blocking, listening, learning , and forwarding . The disabled state is a fifth state that can be manually configured by the switch. The following are the different port states, along with a description of when each is used:
The show spantree command on the Cisco Set/Clear based IOS displays the timers and other STP information. Let's look at an example of the output: DCSCatalyst5000>(enable) show spantree VLAN 1 Spanning tree enabled Spanning tree type ieee Designated Root 00-50-bd-a0-b0-00 Designated Root Priority 32768 Designated Root Cost 0 Designated Root Port 1/0 Root Max Age 12 sec Hello Time 2 sec Forward Delay 9 sec Bridge ID MAC ADDR 00-50-bd-a0-b0-00 Bridge ID Priority 32768 Bridge Max Age 12 sec Hello Time 2 sec Forward Delay 9 sec Port Vlan Port-State Cost Priority Portfast Channel_id ---- ---- ---------- ---- -------- -------- ---------- 2/1 1 not-connected 19 32 enabled 0 2/2 1 not-connected 19 32 enabled 0 2/3 1 not-connected 19 32 enabled 0 2/4 1 not-connected 19 32 enabled 0 2/5 1 not-connected 19 32 enabled 0 2/6 1 not-connected 19 32 disabled 0 2/7 1 not-connected 19 32 disabled 0 2/7 1 not-connected 19 32 disabled 0 2/8 1 not-connected 19 32 disabled 0 2/9 1 not-connected 100 32 disabled 0 2/10 1 not-connected 100 32 disabled 0 2/11 1 not-connected 100 32 disabled 0 2/12 1 not-connected 100 32 disabled 0 2/13 1 not-connected 100 32 disabled 0 2/14 1 not-connected 100 32 disabled 0 2/15 1 not-connected 100 32 disabled 0 2/16 1 not-connected 100 32 disabled 0 2/17 1 not-connected 100 32 disabled 0 2/18 1 not-connected 100 32 disabled 0 2/19 1 not-connected 100 32 disabled 0 2/20 1 not-connected 100 32 disabled 0 2/21 1 not-connected 100 32 disabled 0 2/22 1 not-connected 100 32 disabled 0 2/23 1 not-connected 100 32 disabled 0 2/24 1 forwarding 19 32 disabled 0 The preceding output shows each port on the switch, the current STP mode, port cost, port priority, whether Portfast is enabled, and the channel ID. This output also shows the currently configured MaxAge timer and Forward-Delay timer settings.
The show spanning “tree command on the Cisco CLI switch displays the following: 4506# show spanning-tree VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address 000c.3032.8f40 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 000c.3032.8f40 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ------------------------------ Fa3/1 Desg FWD 19 128.129 P2p Fa6/48 Desg FWD 19 128.368 P2p 4506# show system CommandThe show system command enables you to obtain the component status of the switch components. These components include information on the status of the fans, power supplies , modem, uptime, and system identification configuration. The output on a Cisco Catalyst 5002 follows: DCSCatalyst5000> show system PS1-Status PS2-Status ---------- ---------- ok none Fan-Status Temp-Alarm Sys-Status Uptime d,h:m:s Logout ---------- ---------- ---------- -------------- ------ ok off ok 5,05:45:19 20 min PS1-Type PS2-Type -------- -------- WS-C5008A none Modem Baud Traffic Peak Peak-Time ----- ---- ------- ---- --------- disable 9600 0% 0% Wed Jun 4 2003, 14:46:27 System Name System Location System Contact ----------- --------------- -------------- Sacramento, CA Sean Odom show test CommandThe show test command is used to display the status of the switch chassis, interface cards, power supplies, Encoded Address and Recognition Logic (EARL) ASIC status tests, and whether an active loopback exists. It also displays the memory status of the read-only memory (ROM), flash EEPROM, serial EEPROM, and the nonvolatile RAM. An example of the show test command output follows: DCSCatalyst5000>(enable) show test Diagnostic mode: complete (mode at next reset: complete) Environmental Status (. = Pass, F = Fail, U = Unknown, N = Not Present) PS (3.3V): . PS (12V): . PS (24V): . PS1: . PS2: N Temperature: . Fan: . Module 1 : 0-port Supervisor III Network Management Processor (NMP) Status: (. = Pass, F = Fail, U = Unknown) ROM: . Flash-EEPROM: . Ser-EEPROM: . NVRAM: . MCP Comm: . EARL II Status : DisableIndexLearnTest: U DontLearnTest: U DisableNewLearnTest: U ConditionalLearnTest: U MonitorColorFloodTest: U EarlTrapTest: U StaticMacAndTypeTest: U BadDvlanTest: U BadBpduTest: U IndexMatchTest: U ProtocolTypeTest: U ProtocolTypeTest: U IgmpTest: U SourceMissTest: U SourceModifiedTest: U ArpaToArpaShortcutTest: U ArpaToSnapShortcutTest: U SnapToArpaShortcutTest: U SnapToSnapShortcutTest: U SoftwareShortcutTest: U MulticastExpansionTest: U DontShortcutTest: U ShortcutTableFullTest: U Line Card Diag Status for Module 1 (. = Pass, F = Fail, N = N/A) CPU : . Sprom : . Bootcsum : . Archsum : . RAM : . LTL : . CBL : N DPRAM : . SAMBA : N Saints : . Pkt Bufs : . Repeater : N FLASH : . Phoenix : . TrafficMeter: . UplinkSprom : . PhoenixSprom: . SAINT/SAGE Status : PHOENIX Port Status : SAINT/SAGE Status : PHOENIX Port Status : Ports 9 17 18 19 20 21 22 INBAND A->B B->A B->C C->B A->C C->A Packet Buffer Status : PHOENIX Packet Buffer Status : Ports INBAND A<->B B<->C A<->C Loopback Status [Reported by Module 1] : Ports 1 2 9 U U . DCSCatalyst5000>(enable) To display a test on a specific module, use the module number after the command. In this case I have a 24-port 10/100BaseTX module in slot 2: DCSCatalyst5000>(enable) show test 2 Diagnostic mode: complete (mode at next reset: complete) Module 2 : 24-port 10/100BaseTX Ethernet Line Card Diag Status for Module 2 (. = Pass, F = Fail, N = N/A) CPU : . Sprom : . Bootcsum : . Archsum : N RAM : . LTL : . CBL : . DPRAM : N SAMBA : . Saints : . Pkt Bufs : . Repeater : N FLASH : N SAINT/SAGE Status : Ports 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 -------------------------------------------------------------------- . . . . . . . . . . . . . . . . . . . . . . . . Packet Buffer Status : Ports 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 -------------------------------------------------------------------- . . . . . . . . . . . . . . . . . . . . . . . . Loopback Status [Reported by Module 1] : Ports 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 -------------------------------------------------------------------- . . . . . . . . . . . . . . . . . . . . . . . . Packet Buffer Status : Ports 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 -------------------------------------------------------------------- . . . . . . . . . . . . . . . . . . . . . . . . Loopback Status [Reported by Module 1] : Ports 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 -------------------------------------------------------------------- . . . . . . . . . . . . . . . . . . . . . . . . Channel Status : Ports 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 -------------------------------------------------------------------- . . . . . . . . . . . . . . . . . . . . . . . . InlineRewrite Status : Ports 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 -------------------------------------------------------------------- . . . . . . . . . . . . . . . . . . . . . . . . The output shows the results of the Supervisor module diagnostic tests. This command should be used if you suspect that there is a hardware problem with the switch. show version CommandThe show version command is used to provide hardware and software version numbers, in addition to the switch memory and the system uptime information. An example of this command follows: DCSCatalyst5000>(enable) show version WS-C5000 Software, Version McpSW: 5.5(2) NmpSW: 5.5(2) Copyright (c) 1995-2000 by Cisco Systems NMP S/W compiled on Jul 28 2000, 16:43:52 MCP S/W compiled on Jul 28 2000, 16:38:40 System Bootstrap Version: 3.1.2 Hardware Version: 2.0 Model: WS-C5000 Serial #: 011454261 Mod Port Model Serial # Versions --- ---- ----- -------- -------- 1 0 WS-X5530 011454261 Hw : 2.0 Fw : 3.1.2 Fw1: 4.2(1) Sw : 5.5(2) WS-F5521 011455134 Hw : 1.1 2 24 WS-X5225R 013426578 Hw : 3.3 Fw : 4.3(1) Sw : 5.5(2) 3 12 WS-X5111 003975931 Hw : 1.0 Fw : 1.3 Sw : 5.5(2) 5 1 WS-X5380 012148595 Hw : 1.1 Mod Port Model Serial # Versions --- ---- ----- -------- -------- 1 0 WS-X5530 011454261 Hw : 2.0 Fw : 3.1.2 Fw1: 4.2(1) Sw : 5.5(2) WS-F5521 011455134 Hw : 1.1 2 24 WS-X5225R 013426578 Hw : 3.3 Fw : 4.3(1) Sw : 5.5(2) 3 12 WS-X5111 003975931 Hw : 1.0 Fw : 1.3 Sw : 5.5(2) 5 1 WS-X5380 012148595 Hw : 1.1 Fw : 4.3.2 Sw : 4.3(1a) DRAM FLASH NVRAM Module Total Used Free Total Used Free Total Used Free ------ ----- ---- ---- ----- ---- ---- ----- ---- ---- 1 32640K 20434K 12206K 8192K 5548K 2644K 512K 185K 327K Uptime is 4 days, 4 hours, 13 minutes The preceding output is helpful in determining the software versions, hardware versions, and serial numbers being used on the switch. show diagnosticsA command on the Cisco 4506 that is similar to the show version command is the show diagnostics power-on command. The output from this command being used on a Cisco 4506 switch is shown below: 4506# show diagnostics power-on Power-On-Self-Test Results for ACTIVE Supervisor Power-on-self-test for Module 1: WS-X4515 Port/Test Status: (. = Pass, F = Fail) Port Traffic: L2 Serdes Loopback ... 0: . 1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: . 12: . 13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: . 24: . 25: . 26: . 27: . 28: . 29: . 30: . 31: . Port Traffic: L2 Asic Loopback ... 0: . 1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: . 12: . 13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: . 24: . 25: . 26: . 27: . 28: . 29: . 30: . 31: . Port Traffic: L3 Asic Loopback ... 0: . 1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: . 12: . 13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: . 24: . 25: . 26: . 27: . 28: . 29: . 30: . 31: . audit: . Switch Subsystem Memory ... 1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: . 12: . 13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: . 24: . 25: . 26: . 27: . 28: . 29: . 30: . 31: . 32: . 33: . 34: . 35: . 36: . 37: . 38: . 39: . 40: . 41: . 42: . 43: . 44: . 45: . 46: . 47: . 48: . 49: . 50: . 51: . 52: . 53: . 54: . 55: . Module 1 Passed You can use show diagnostics online module followed by the module number to get real-time information regarding the module. The output below shows the last module on the 4506 switch: 4506# show diagnostics online module 6 Slot Ports Card Type Diag Status Diag Details ---- ----- ------------------------------- ---------------- ------------ 6 48 10/100BaseTX (RJ45) Passed None Detailed Status --------------- . = Pass U = Unknown L = Loopback failure S = Stub failure I = Ilc failure P = Port failure E = SEEPROM failure G = GBIC integrity check failure Ports 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 . . . . . . . . . . . . . . . . Ports 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 . . . . . . . . . . . . . . . . Ports 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 . . . . . . . . . . . . . . . . 4506#  |
EAN: 2147483647
Pages: 213