Cisco Networking Protocols Quiz
113 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What protocol is used to gather information about Cisco devices?

  • NTP
  • CDP (correct)
  • LLDP
  • SNMP
  • What command can be used to disable CDP on a specific interface?

    no cdp enable

    What is the default status of CDP on Cisco devices?

    enabled

    Which command provides detailed information about neighbors when using CDP?

    <p>show cdp neighbors detail</p> Signup and view all the answers

    What does the command 'lldp run' do?

    <p>Enables LLDP on a device</p> Signup and view all the answers

    NTP uses TCP port 123.

    <p>False</p> Signup and view all the answers

    What is the maximum hop count for synchronized time in NTP?

    <p>15</p> Signup and view all the answers

    What is indicated by Stratum 16 in NTP?

    <p>unsynchronized</p> Signup and view all the answers

    What command is used to configure an NTP server on a router?

    <p>ntp server ip-address</p> Signup and view all the answers

    What command is used to configure an NTP server on R1?

    <p>ntp server 209.165.200.225</p> Signup and view all the answers

    What is the time source after configuring NTP on R1?

    <p>NTP</p> Signup and view all the answers

    What stratum level is R1 after synchronization with the NTP server?

    <p>2</p> Signup and view all the answers

    What does the command 'show ntp status' display?

    <p>Clock is synchronized, stratum 2, reference is 209.165.200.225</p> Signup and view all the answers

    What UDP port does SNMP use for querying agents?

    <p>161</p> Signup and view all the answers

    SNMP uses both TCP and UDP ports for its operations.

    <p>False</p> Signup and view all the answers

    Which of the following are elements of the SNMP system?

    <p>SNMP MIB</p> Signup and view all the answers

    Match the following SNMP operations with their descriptions:

    <p>get-request = Retrieves a value from a specific variable. set-request = Stores a value in a specific variable. get-next-request = Retrieves a value from a variable within a table. get-bulk-request = Retrieves large blocks of data.</p> Signup and view all the answers

    What does SNMP trap do?

    <p>Sends unsolicited messages to the SNMP manager about events.</p> Signup and view all the answers

    Which version of SNMP provides the highest level of security?

    <p>SNMPv3</p> Signup and view all the answers

    What command is used to save the running-config as the new startup-config?

    <p>copy running-config startup-config</p> Signup and view all the answers

    What mode do you enter to perform a password recovery?

    <p>ROMMON mode</p> Signup and view all the answers

    The MIB organizes variables hierarchically and defines each variable as an __________.

    <p>object ID (OID)</p> Signup and view all the answers

    What command allows the device to ignore the startup config file during startup?

    <p>confreg 0x2142</p> Signup and view all the answers

    What command is used to retrieve real-time data via SNMP?

    <p>snmpget</p> Signup and view all the answers

    What command is used to copy the startup configuration to the running configuration?

    <p>copy startup-config running-config</p> Signup and view all the answers

    What is the command to change the configuration register back to the normal value after recovery?

    <p>config-register 0x2102</p> Signup and view all the answers

    Using the command 'copy running-config startup-config' will erase your original startup configuration.

    <p>False</p> Signup and view all the answers

    Which command should be used to ensure a backup of the Cisco IOS Software image is made?

    <p>copy flash: tftp:</p> Signup and view all the answers

    What is a TFTP server used for in network management?

    <p>Backup location for configuration files and IOS images</p> Signup and view all the answers

    What does CDP stand for?

    <p>Cisco Discovery Protocol</p> Signup and view all the answers

    CDP is enabled by default on Cisco devices.

    <p>True</p> Signup and view all the answers

    Which of the following are popular destinations for syslog messages? (Select all that apply)

    <p>Logging buffer (RAM inside a router or switch)</p> Signup and view all the answers

    The severity level for a critical syslog message is ____.

    <p>2</p> Signup and view all the answers

    What is the purpose of using the command 'service timestamps log datetime'?

    <p>To force logged events to display the date and time.</p> Signup and view all the answers

    Syslog messages are only viewable through the CLI of the device.

    <p>False</p> Signup and view all the answers

    What does the format of a syslog message on Cisco IOS look like?

    <p>%facility-severity-MNEMONIC: description</p> Signup and view all the answers

    Which command is used to copy the running configuration to a TFTP server?

    <p>copy running-config tftp</p> Signup and view all the answers

    What is required to restore a configuration from TFTP?

    <p>copy tftp running-config</p> Signup and view all the answers

    Which of the following are syslog severity levels? (Select all that apply)

    <p>Warning</p> Signup and view all the answers

    What command is used to verify the USB flash drive on a Cisco router?

    <p>show file systems</p> Signup and view all the answers

    The Universal Serial Bus (USB) storage feature supports all Cisco router models.

    <p>False</p> Signup and view all the answers

    What must be done to the text file before restoring a configuration?

    <p>Ensure encrypted passwords are in plaintext and remove non-command text.</p> Signup and view all the answers

    The command to view the current configuration file on a Cisco device is ____.

    <p>show running-config</p> Signup and view all the answers

    What is the function of the command 'cd' in the context of Cisco IOS?

    <p>Change directory</p> Signup and view all the answers

    Which steps are involved in the password recovery procedure on Cisco devices? (Select all that apply)

    <p>Enter ROMMON mode</p> Signup and view all the answers

    What command is used to enable CDP on a specific interface?

    <p>cdp enable</p> Signup and view all the answers

    What command verifies the status of CDP and displays a list of neighbors?

    <p>show cdp neighbors</p> Signup and view all the answers

    What command enables LLDP globally on a Cisco network device?

    <p>lldp run</p> Signup and view all the answers

    What command is used to discover device neighbors with LLDP enabled?

    <p>show lldp neighbors</p> Signup and view all the answers

    What does the command 'show lldp neighbors detail' provide?

    <p>Detailed information about neighbors</p> Signup and view all the answers

    What hierarchical system is used in NTP networks to synchronize time?

    <p>Stratum</p> Signup and view all the answers

    Which command sets a device as the NTP server?

    <p>ntp server ip-address</p> Signup and view all the answers

    What command is used to verify the time source is set to NTP?

    <p>show clock detail</p> Signup and view all the answers

    What protocol is used for communication between managers and agents in a network?

    <p>SNMP</p> Signup and view all the answers

    Match the following SNMP versions with their characteristics:

    <p>SNMPv1 = Legacy solution with community-based security SNMPv2c = Improvements over SNMPv1 with community-based security SNMPv3 = Offers enhanced security models and levels</p> Signup and view all the answers

    Which command is used to save the running configuration to a TFTP server?

    <p>copy running-config tftp</p> Signup and view all the answers

    What command allows the router to load a new IOS image during bootup?

    <p>boot system</p> Signup and view all the answers

    Using the command 'service timestamps log datetime' forces logged events to display the date and time.

    <p>True</p> Signup and view all the answers

    What type of buffer can syslog messages be captured in?

    <p>Logging buffer</p> Signup and view all the answers

    What is the primary function of syslog?

    <p>Gather logging information for monitoring and troubleshooting</p> Signup and view all the answers

    What type of network documentation includes physical and logical topology diagrams?

    <p>Network documentation</p> Signup and view all the answers

    Accurate and complete network documentation is not necessary for effective network troubleshooting.

    <p>False</p> Signup and view all the answers

    What is the purpose of a network performance baseline?

    <p>To establish normal network performance and determine areas of congestion or underutilization.</p> Signup and view all the answers

    A ______ is used to establish normal network performance.

    <p>baseline</p> Signup and view all the answers

    Match the following Cisco IOS commands with their function:

    <p>show version = Displays uptime and version information for device software ping {host | ip-address} = Sends an echo request packet to an address traceroute destination = Identifies the path a packet takes through the networks show ip interface brief = Displays a summary status of all interfaces on a device</p> Signup and view all the answers

    What are the steps involved in the seven-step troubleshooting process?

    <p>Define the problem, Gather information, Analyze information, Eliminate possible causes, Propose hypothesis, Test hypothesis, Solve the problem.</p> Signup and view all the answers

    Which troubleshooting method should be used when the problem is suspected to be physical?

    <p>Bottom-Up</p> Signup and view all the answers

    Which of the following is NOT an application layer protocol?

    <p>IP</p> Signup and view all the answers

    The command show interfaces is useful in troubleshooting performance-related issues.

    <p>True</p> Signup and view all the answers

    What does NFS stand for?

    <p>Network File System</p> Signup and view all the answers

    These common utilities are used to verify end-to-end connectivity: ____ and ____.

    <p>ping, traceroute</p> Signup and view all the answers

    Which layer should you verify first in a bottom-up troubleshooting approach?

    <p>Physical Layer</p> Signup and view all the answers

    Match the following protocols with their primary function:

    <p>SSH = Terminal session connection with remote hosts HTTP = Transferring web files SMTP = Message delivery services DNS = Mapping IP addresses to hostnames</p> Signup and view all the answers

    What does ACL stand for in networking?

    <p>Access Control List</p> Signup and view all the answers

    A misconfigured or missing ____ can cause network connectivity problems.

    <p>default gateway</p> Signup and view all the answers

    Duplex mismatches can lead to connectivity problems.

    <p>True</p> Signup and view all the answers

    What command can be used in Windows to display the IP address mapping?

    <p>nslookup</p> Signup and view all the answers

    Which of the following are common software troubleshooting tools? (Select all that apply)

    <p>Baselining Tools</p> Signup and view all the answers

    What is the purpose of protocol analyzers?

    <p>To capture and display packet information from the physical layer to the application layer.</p> Signup and view all the answers

    Which tool is used to measure electrical values such as voltage, current, and resistance?

    <p>Multimeter</p> Signup and view all the answers

    Syslog messages can only be sent to the console.

    <p>False</p> Signup and view all the answers

    What does a high CPU utilization rate indicate?

    <p>That a device is operating at or exceeding its design limits.</p> Signup and view all the answers

    What can intermittent connectivity loss indicate?

    <p>A loose or oxidized connection</p> Signup and view all the answers

    The implicit deny any ACL can be the cause of a misconfiguration.

    <p>true</p> Signup and view all the answers

    What is one common cause of encapsulation errors?

    <p>When the sender places bits in a field that the receiver does not expect.</p> Signup and view all the answers

    Which of the following can cause routing issues? (Select all that apply)

    <p>Bad ports</p> Signup and view all the answers

    What effect can excessive broadcasts have on a network?

    <p>It can cause network performance to degrade.</p> Signup and view all the answers

    Which of the following are common software troubleshooting tools? (Select all that apply)

    <p>Baselining Tools</p> Signup and view all the answers

    What is the primary purpose of a protocol analyzer?

    <p>To capture and display the information contained in packets.</p> Signup and view all the answers

    Match the following types of hardware troubleshooting tools with their descriptions:

    <p>Multimeters = Devices that measure electrical values of voltage, current, and resistance. Cable Testers = Handheld devices designed for testing various types of data communication cabling. Cisco Prime NAM = Browser-based interface for device performance analysis in a network. Portable Network Analyzers = Specialized devices for troubleshooting switched networks and VLANs.</p> Signup and view all the answers

    Power-related hardware faults can cause network transmission errors.

    <p>True</p> Signup and view all the answers

    Syslog is used by syslog clients to send __________ messages to a syslog server.

    <p>text-based log</p> Signup and view all the answers

    What is the purpose of network documentation?

    <p>To effectively monitor and troubleshoot networks.</p> Signup and view all the answers

    What does a high CPU utilization rate indicate?

    <p>A device is operating at or exceeding its design limits.</p> Signup and view all the answers

    Which of the following is a type of network topology diagram?

    <p>Both A and B</p> Signup and view all the answers

    What is the most common cause of intermittent connectivity loss?

    <p>Loose or oxidized connections</p> Signup and view all the answers

    Excessive broadcasts can be caused by poorly programmed applications or a large Layer 2 broadcast domain.

    <p>True</p> Signup and view all the answers

    A network baseline cannot reveal areas of congestion.

    <p>False</p> Signup and view all the answers

    The minimum duration for capturing data for analysis is ______ days.

    <p>7</p> Signup and view all the answers

    What are some common commands used for data collection in Cisco IOS?

    <p>show version, ping, traceroute, show ip interface brief.</p> Signup and view all the answers

    What is the first step in the seven-step troubleshooting process?

    <p>Define the Problem</p> Signup and view all the answers

    What does the Bottom-Up troubleshooting approach imply?

    <p>It is used when the problem is suspected to be physical.</p> Signup and view all the answers

    Troubleshooting skills are developed by observing others without practice.

    <p>False</p> Signup and view all the answers

    What do tunneling and encryption protocols often require regarding traffic?

    <p>That traffic be sourced from a specific UDP or TCP port.</p> Signup and view all the answers

    Which of the following protocols supports terminal session connections with remote hosts?

    <p>SSH/Telnet</p> Signup and view all the answers

    What is one of the two most common utilities used to verify problems with end-to-end connectivity?

    <p>ping</p> Signup and view all the answers

    What command is useful for troubleshooting performance-related issues?

    <p>show interfaces</p> Signup and view all the answers

    The IEEE 802.3ab Gigabit Ethernet standard mandates the use of autonegotiation for speed and duplex.

    <p>True</p> Signup and view all the answers

    What can misconfigured or missing default gateways cause?

    <p>Connectivity problems</p> Signup and view all the answers

    The command route print is used to verify the default gateway on a ______.

    <p>PC</p> Signup and view all the answers

    Match the troubleshooting step with its description:

    <p>Step 2 = Check for duplex mismatches Step 1 = Check physical connectivity Step 3 = Verify addressing on the local network Step 4 = Verify default gateway</p> Signup and view all the answers

    What causes transport layer connectivity issues?

    <p>ACL configurations and NAT configurations</p> Signup and view all the answers

    What does DNS control?

    <p>Mapping of IP addresses to hostnames</p> Signup and view all the answers

    Study Notes

    Device Discovery with CDP

    • CDP is a Cisco proprietary protocol used to discover and collect information from Cisco devices on the same network segment.
    • It is independent of network media and protocol, running on routers, switches, and access servers.
    • CDP is enabled by default on Cisco devices.
    • The show cdp command displays CDP information.
    • To disable CDP on a specific interface, use the no cdp enable command in interface configuration mode.
    • To enable CDP globally on all supported interfaces, use the cdp run command in global configuration mode.
    • The show cdp interface command displays CDP-enabled interfaces and their status.
    • The show cdp neighbors command displays information about neighbouring devices, including device ID, interface used, and device capabilities.
    • The show cdp neighbors detail command provides more information about neighboring devices, such as their IPv4 address and platform information.

    Device Discovery with LLDP

    • LLDP is a vendor-neutral Layer 2 neighbor discovery protocol similar to CDP.
    • It works with network devices like routers, switches, and wireless LAN access points.
    • LLDP advertises a device's identity and capabilities to others and receives information from physically connected devices.
    • LLDP may be enabled by default on Cisco devices.
    • Enable LLDP globally using the lldp run command in global configuration mode.
    • Disable LLDP globally using the no lldp run command in global configuration mode.
    • LLDP can be configured on specific interfaces.
    • The show lldp command verifies the LLDP status and configuration.
    • The show lldp neighbors command displays information about neighbouring devices, such as their device ID, interface used, and capabilities.
    • The show lldp neighbors detail command provides more information about neighboring devices, such as their IP address, system descriptions, and IOS version.

    NTP

    • NTP is a protocol for synchronizing time across network devices.
    • It uses UDP port 123 and is documented in RFC 1305.
    • Network time settings can be manually set using the clock set command.
    • NTP utilizes a hierarchical system of time sources, divided into stratum levels.
    • Stratum 0 is the most accurate time source with minimal delay.
    • Stratum 1 devices are directly connected to Stratum 0 devices.
    • Stratum 2 and lower devices synchronize their time with devices in higher strata.
    • The show clock command displays the current time on a device.
    • The show clock detail command shows the time source and its status.
    • The ntp server ip-address command configures an NTP server in global configuration mode.
    • The show ntp associations command displays information about NTP associations, including the reference clock, stratum level, and delay.
    • The show ntp status command displays the device's NTP status, such as synchronization status and stratum level.

    Syslog

    • Syslog messages are formatted in a specific way, displaying the facility, severity level, mnemonic, and description.
    • For example, %LINK-3-UPDOWN: Interface Port-channel1, changed state to up shows a link changing state to up, with the facility being LINK, severity level 3, mnemonic UPDOWN.
    • By default, log messages are not timestamped.
    • The command service timestamps log datetime forces logged events to display the date and time.

    Router File Systems

    • The Cisco IOS File System (IFS) allows administrators to navigate directories, list files, and create sub-directories within flash memory or on a disk.
    • The available directories vary depending on the device.
    • The show file systems command displays all available file systems on a device.
    • An asterisk (*) indicates the current default file system.
    • A pound sign (#) indicates a bootable disk.
    • By default, both of these are assigned to the flash file system.
    • The dir command lists the contents of the current default file system.
    • The cd command changes the directory.
    • The pwd command shows the present working directory.

    Switch File Systems

    • The Cisco 2960 switch flash file system allows for copying configuration files and archiving software images.
    • The show file systems command is used to view file systems on a Catalyst switch, just like on a Cisco router.

    Backup and Restore using Text Files

    • Configuration files can be saved to a text file using a terminal emulator like Tera Term.
    • To save a file:
      • Open the File menu and click Log.
      • Choose a location to save the file.
      • Execute a show running-config or show startup-config command at the privileged EXEC prompt.
      • The displayed text will be saved to the specified file.
      • When the capture is complete, click Close in the Tera Term: Log window.
    • To restore a configuration from a text file:
      • Open the File menu in Tera Term and click Send file.
      • Locate the file to be copied and click Open.
      • Tera Term will paste the file into the device.
      • The text in the file will be applied as commands in the CLI.
      • The text file may need edits to ensure that encrypted passwords are in plaintext.
      • Non-command text like '--More--' and IOS messages should also be removed.

    Backup and Restore using TFTP

    • To backup a running configuration to a TFTP server:
      • Use the command copy running-config tftp.
      • Enter the IP address of the TFTP server.
      • Enter the desired name for the configuration file.
      • Press Enter to confirm each choice.
    • To restore a running configuration from a TFTP server:
      • Use the command copy tftp running-config.
      • Enter the IP address of the TFTP server.
      • Enter the desired name for the configuration file.
      • Press Enter to confirm each choice.

    Router USB Storage

    • USB storage allows for an optional secondary storage capability on certain Cisco routers.
    • The dir command can be used to view the contents of the USB flash drive.

    Backup and Restore using USB

    • To backup a running configuration to a USB flash drive:
      • Use the command copy running-config usbflash0:.
      • Replace usbflash0: with the name of the USB file system, which can be found by using the show file systems command.
      • The router will prompt for the filename and potentially ask for confirmation before overwriting an existing file.
    • To restore a running configuration from a USB flash drive:
      • Use the command copy usbflash0:/R1-Config running-config.
      • Replace usbflash0:/R1-Config with the name of the file located on the USB drive.

    Password Recovery Procedures

    • Password recovery procedures are used to regain access to devices when passwords are forgotten.
    • The procedures generally follow these steps:
      • Enter ROMMON mode.
      • Change the configuration register.
      • Copy the startup-config to the running-config.
      • Change the password.
      • Save the running-config as the new startup-config.
      • Reload the device.

    Password Recovery Example

    • To enter ROMMON mode, use a break sequence during bootup or remove the external flash memory.
    • The ROMMON prompt will appear as rommon 1>.
    • The confreg 0x2142 command sets the configuration register, causing the device to ignore the startup config file during startup.
    • After using the confreg 0x2142 command, issue a reset command to restart the device.
    • Use a break sequence while the device is rebooting to enter ROMMON mode again.
    • Once in privileged EXEC mode, use the copy startup-config running-config to copy the startup configuration to the running configuration.
    • Configure new passwords using commands like enable secret cisco.
    • Change the configuration register back to 0x2102 using the config-register 0x2102 command.
    • Save the running-config to startup-config using the copy running-config startup-config command.

    Packet Tracer

    • In this Packet Tracer activity, you will practice backing up configuration files.
    • The activities include establishing connectivity to a TFTP server, transferring a configuration file from a TFTP server, and backing up the configuration and IOS to a TFTP server.

    Cisco IOS Image Management

    • It is good practice to keep a backup of the Cisco IOS Software image to prevent data loss.
    • Cisco IOS Software images and configuration files can be stored on a TFTP server for easy access and control.
    • A TFTP server can be another router, a workstation, or a host system.
    • To backup an IOS Image to a TFTP server, ensure that the server has enough disk space.
    • Use the following commands to backup and restore IOS Images to a TFTP server:
      • copy source-url destination-url
      • copy tftp flash:
    • To upload an IOS image file to a router, use the copy tftp flash: command.
    • Use the boot system command to configure the router to load a new IOS image during bootup.
    • Save the configuration using copy running-config startup-config and reload the router to apply the changes.

    Cisco Discovery Protocol (CDP)

    • CDP is a Cisco proprietary Layer 2 protocol used for network discovery.
    • CDP is enabled by default on Cisco devices.
    • Use the following commands to enable CDP:
      • cdp run (global configuration mode)
      • cdp enable (interface configuration mode)
    • Use the show cdp neighbors command to view the list of CDP neighbors.
    • LLDP is a vendor-neutral neighbor discovery protocol similar to CDP.
    • To enable LLDP globally on a Cisco device, use the lldp run command.
    • Use the show lldp neighbors command to view the list of LLDP neighbors.
    • Use show lldp neighbors detail to receive information about the neighbor's IOS version, IP address, and device capability.

    Network Time Protocol (NTP)

    • NTP is used to synchronize the time settings of devices on a network.
    • NTP networks use a hierarchical system of time sources, with each level called a stratum.
    • Stratum 0 devices are high-precision timekeeping devices.
    • Stratum 1 devices are directly connected to stratum 0 devices.
    • Stratum 2 devices, such as NTP clients, synchronize their time using stratum 1 servers.
    • Use the ntp server ip-address command to configure an NTP server.
    • Use the show clock detail, show ntp associations, and show ntp status commands to verify NTP synchronization.

    Simple Network Management Protocol (SNMP)

    • SNMP is an application layer protocol used for communication between network managers and agents.
    • The SNMP system consists of:
      • SNMP manager
      • SNMP agents
      • Management Information Base (MIB)
    • The SNMP manager can collect information from an SNMP agent using the 'get' action and change configurations using the 'set' action.
    • SNMP agents can forward information directly to a network manager using 'traps'.
    • There are three versions of SNMP:
      • SNMPv1 (legacy)
      • SNMPv2c (community-based security)
      • SNMPv3 (security models and levels)
    • The MIB organizes variables hierarchically.
    • OIDs uniquely identify managed objects within the MIB hierarchy.
    • Cisco SNMP Navigator, available on the Cisco.com website, can assist in researching OID details.

    Syslog

    • Syslog uses UDP port 514 to allow networking devices to send system messages to syslog servers.
    • The syslog logging service functions include:
      • Gathering logging information for monitoring and troubleshooting
      • Selecting the type of logging information captured
      • Specifying the destinations of captured syslog messages
    • Possible destinations for syslog messages include:
      • Logging buffer (RAM in a router or switch)
      • Console line
      • Terminal line
      • Syslog server
    • Syslog facilities categorize system state data for error and event message reporting.
    • Common syslog facilities include:
      • IP
      • OSPF protocol
      • SYS operating system
      • IPsec
      • IF
    • The default format of syslog messages is: %facility-severity-MNEMONIC: description
    • Use the service timestamps log datetime command to display date and time in logged events.

    Cisco Internet File System (IFS)

    • The Cisco IFS allows administrators to navigate directories, list files, and create subdirectories in flash memory or on a disk.
    • Use the show file systems command to view the file systems on a Catalyst switch or Cisco router.

    Configuration File Management

    • Configuration files can be saved to a text file using Tera Term.
    • Configuration files can be stored on a TFTP server or a USB drive.
    • Use the copy running-config tftp or copy startup-config tftp commands to save configurations to a TFTP server.
    • Use the copy tftp flash: command to copy a configuration from a TFTP server to a device.
    • Use the copy running-config startup-config command to save the running configuration to the startup configuration.### Cisco Discovery Protocol
    • Cisco Discovery Protocol (CDP) is utilized for network devices to share information.
    • The cdp run command is used to start CDP.
    • The cdp enable command is used to enable CDP.
    • show cdp, show cdp interface, show cdp neighbors and show cdp neighbors detail commands are used to display CDP related information.
    • Link Layer Discovery Protocol (LLDP) is a network protocol, used for sharing information between neighboring network devices, often on different vendors.
    • lldp run starts the LLDP protocol.
    • lldp enable enables LLDP on the device.
    • lldp transmit enables LLDP to send packets.
    • lldp receive enables LLDP to receive packets.
    • show lldp, show lldp neighbors and show lldp neighbors detail are commands used to display LLDP related information.

    Network Time Protocol

    • Network Time Protocol (NTP) is used to synchronize time between devices.
    • Stratum is the level in a timing hierarchy.
    • show clock displays the current time on the device.
    • show clock detail displays detailed time information.
    • ntp server ip-address is used to configure an NTP server.
    • show ntp associations and show ntp status display information related to configured NTP servers.

    Simple Network Management Protocol

    • Simple Network Management Protocol (SNMP) is used to monitor and manage network devices.
    • A Network Management System (NMS) is used to manage and monitor network devices.
    • An SNMP Manager is the application running on a network device used to communicate with SNMP Agents.
    • An SNMP Agent is a process running on a network device responsible for responding to SNMP requests.
    • Management Information Base (MIB) - a database containing all the information about the devices being managed.
    • Object Identifier (OID) - a unique identifier for each item within the MIB.
    • get-request, get-next-request, get-bulk-request, get-response and set-request are SNMP commands used to get or set data on managed devices.
    • A MIB Variable is a piece of data in the MIB.
    • An SNMP Agent Trap is an unsolicited message sent by an agent to inform the manager of an event.

    Versions of SNMP

    • SNMPv1, SNMPv2c and SNMPv3 are the versions of the protocol.
    • noAuthNoPriv, authNoPriv and authPriv are different security levels supported by SNMPv3

    Community Strings

    • Community strings are used for authentication in SNMPv1 and SNMPv2c.

    Cisco SNMP Object Navigator

    • Cisco SNMP Object Navigator is a tool used to browse and manage MIBs.

    Cisco Integrated File System

    • Cisco Integrated File System (IFS) is a file system used on Cisco devices.
    • show file systems displays the available file systems.

    Other Commands

    • bootflash - a file system used for storing the IOS image and other files.
    • pwd - Displays the current directory.
    • copy running-config tftp, copy tftp running-config, copy running-config usbflash0: are commands for copying the running configuration to various locations.
    • ROMMON - a small program that runs when a device doesn't boot properly.
    • confreg or config-register - used to configure the boot process.
    • copy tftp: flash: is used to copy a file from a TFTP server to flash memory.
    • boot system is a critical command in the IOS boot sequence.
    • service timestamps log datetime - sets up the system to include timestamps in log messages.
    • syslog - A mechanism for sending system messages to a syslog server.
    • syslog facility - are different categories of log messages.

    Network Documentation

    • Network documentation is crucial for monitoring and troubleshooting enterprise networks
    • Common network documentation includes:
      • Physical and logical network topology diagrams
      • Network device documentation (e.g., routers, switches, end systems)
      • Network performance baseline documentation
    • Keep network documentation in a centralized location with backups stored separately

    Network Topology Diagrams

    • There are two types:
      • Physical: Shows physical connections and device types
      • Logical: Shows relationships between devices and how data flows

    Network Device Documentation

    • Records accurate and up-to-date information about network hardware and software
    • Should include:
      • Device type
      • Model number
      • Serial number
      • Software version
      • Configuration details

    Establishing a Network Baseline

    • A network baseline helps determine the “personality” of a network under normal conditions.
    • This involves collecting network performance data and analyzing it over time.
    • Benefits:
      • Provides insights into the network's ability to meet business requirements
      • Identifies network congestion or underutilization.

    Data Collection for Network Baseline

    • Step 1: Determine variables to track:
      • Select a few variables that represent defined policies, such as interface utilization and CPU utilization.
    • Step 2: Identify key devices and ports of interest:
      • Use a logical network topology to identify key devices and ports to monitor.
    • Step 3: Determine baseline duration:
      • 7 days minimum but no more than 6 weeks, unless specific long-term trends need to be measured.
      • A two-to-four-week baseline is typically sufficient.
      • Conduct annual analysis of the whole network or rotate baselining different network sections.

    Data Measurement

    • Cisco IOS commands for data collection:
      • show version: Displays uptime, device software and hardware version information
      • show ip interface [brief]: Displays interface configuration options
      • show ipv6 interface [brief]: Displays interface configuration options
      • show interfaces: Displays detailed output for each interface
      • show ip route [static | eigrp | ospf | bgp]: Displays IPv4 routing table content
      • show ipv6 route [static | eigrp | ospf | bgp]: Displays IPv6 routing table content
      • show cdp neighbors detail: Displays detailed information about directly connected Cisco devices
      • show arp: Displays ARP table content (IPv4) and the neighbor table (IPv6)
      • show running-config: Displays current configuration
      • show vlan: Displays status of VLANs on a switch
      • show port: Displays status of ports on a switch
      • show tech-support: Provides technical support reporting with multiple show commands

    Troubleshooting Process

    • Using a structured troubleshooting approach can save time and increase efficiency
    • Common troubleshooting processes:
      • Three-Stage: Simple and easy to follow, with a straightforward logical flowchart.
      • Seven-Step: Detailed process with specific steps to guide troubleshooting.
        1. Define the Problem: Verify if a problem exists and identify it clearly.
        2. Gather Information: Identify targets (hosts, devices), access them, and gather relevant information.
        3. Analyze Information: Explore possible causes using documentation, baselines, knowledge bases, and peer expertise.
        4. Eliminate Possible Causes: Progressively eliminate potential causes to discover the most likely issue.
        5. Propose Hypothesis: Formulate a solution based on the most probable cause.
        6. Test Hypothesis: Assess urgency, create rollback plan, implement the solution, and verify outcomes.
        7. Solve the Problem: Inform all involved parties, document the root cause and solution to prevent future occurrences.

    Questioning End Users

    • Ask clear, open-ended questions to gather information:
      • What is not working?
      • What exactly is the problem?
      • What are you trying to accomplish?
      • Who is affected by this issue?
      • When did the problem occur?
      • Were there any error messages?
      • Can you reproduce the problem?
      • What has changed since the last time it worked?

    Gather Information

    • Common Cisco IOS commands for gathering network problem symptoms:
      • ping {host |ip-address}: Sends an echo request to an address and waits for a reply.
      • traceroute destination: Traces the path a packet takes through the network.
      • telnet {host | ip-address}: Connects to an IP address using Telnet (use SSH whenever possible).
      • ssh -l user-id ip-address: Connects to an IP address using SSH.
      • show ip interface brief: Displays the status of all interfaces on a device.
      • show ipv6 interface brief: Displays the status of all interfaces on a device.
      • show ip route: Displays the current IPv4 routing table
      • show ipv6 route: Displays the current IPv6 routing table
      • show protocols: Displays the global and interface-specific status of any configured Layer 3 protocol.
      • debug: Displays a list of options for enabling or disabling debugging events.

    Troubleshooting with Layered Models

    • The OSI and TCP/IP models can be used to isolate network problems during troubleshooting.
    • Different layers of the model should be investigated depending on the device being examined.

    Structured Troubleshooting Methods

    • Different troubleshooting methods:
      • Bottom-Up: Start at the physical layer and work up.
      • Top-Down: Start at a higher layer (e.g., Layer 3) and work down.
      • Divide-and-Conquer: Start at a middle layer and test in both directions.
      • Follow-the-Path: Trace the traffic path from source to destination.
      • Substitution: Replace a suspected faulty device with a known working one.
      • Comparison: Compare a non-operational element with a working one to identify differences.
      • Educated Guess: This method relies on experience and intuition.

    Guidelines for Selecting a Troubleshooting Method

    • Choose the most effective method based on:
      • The nature of the problem
      • Your experience and skill level
      • Available resources

    Software Troubleshooting Tools

    • Common tools include:
      • Network Management Software: Monitors, configures, and manages network devices.
      • System Tools: Investigate and correct network problems.
      • Knowledge Bases: Provide information about network equipment and common issues.
      • Baselining Tools: Automate network documentation, baseline bandwidth usage, and simplify documentation tasks.

    Protocol Analyzers

    • Capture and display network packet information from the physical to application layer, providing insights into network traffic patterns.

    Hardware Troubleshooting Tools

    • Digital Multimeters are devices used to measure electrical values like voltage, current, and resistance.
    • Cable Testers are handheld devices designed to test various data communication cabling types.
    • Cable Analyzers are multifunctional handheld devices for testing and certifying copper and fiber cables.
    • Portable Network Analyzers are specialized devices for troubleshooting switched networks and VLANs.
    • Cisco Prime NAM is a browser-based interface that displays device performance analysis in a switched and routed environment.

    Syslog Server as a Troubleshooting Tool

    • Syslog allows syslog clients to send text-based log messages to a syslog server.
    • Log messages can be directed to the console, VTY lines, memory buffer, or syslog server.
    • Cisco IOS log messages fall into eight severity levels with a numerical value.
    • Lower level numbers indicate higher severity.
    • The default console displays level 7 (debugging) messages.
    • Levels 0 (emergencies) to 5 (notifications) are sent to the syslog server.

    Symptoms and Causes of Network Problems: Physical Layer

    • Performance lower than baseline can be caused by overloaded servers, unsuitable switch/router configurations, traffic congestion, and chronic frame loss.
    • Loss of connectivity could be due to a failed or disconnected cable.
    • Intermittent connectivity loss might indicate a loose or oxidized connection.
    • Network bottlenecks or congestion can arise when routing protocols redirect traffic to sub-optimal routes, leading to congestion or bottlenecks.
    • High CPU utilization rates signify that a device is operating at or exceeding its design limits.
    • Console error messages reported on the device console could indicate physical layer issues and should be logged to a syslog server.

    Physical Layer Troubleshooting: Common Problem Causes

    • Power-related faults: Check fan operation and ensure chassis vents are clear.
    • Hardware faults: Faulty NIC drivers, bad cabling, or grounding problems can cause network transmission errors.
    • Cabling faults: Look for damaged cables, improper cable types, and poorly crimped connectors. Suspect cables should be tested or swapped with known working ones.
    • Attenuation: Can occur if cable length exceeds design limits or due to poor connections from loose cables, dirty or oxidized contacts.
    • Noise: Local electromagnetic interference (EMI) from sources like crosstalk, nearby electric cables, motors, radio stations, and police radios can cause problems.
    • Interface configuration errors: Incorrect clock rate, clock source, or interface not being turned on can lead to a loss of connectivity.
    • Exceeding design limits: Using a component beyond its specifications might cause suboptimal operation with symptoms like high CPU utilization percentages, queue drops, slow performance, SNMP timeouts, and communication failures.
    • No functionality or connectivity at network layer or above: Some Layer 2 problems can stop frame exchange across a link while others only degrade performance.
    • Network operating below baseline performance levels: Frames might reach destinations via suboptimal paths, causing unexpected high-bandwidth usage on links.
    • Excessive broadcasts: Often caused by poorly programmed applications, large Layer 2 broadcast domains, or underlying network issues.
    • Console messages: Common Layer 2 problem indicators include "line protocol down" messages.
    • Encapsulation errors: Occur when the bits placed in a field by the sender are not what the receiver expects.
    • Address mapping errors: Layer 2 and Layer 3 addressing issues can arise.
    • Framing errors: Could result from noisy serial lines, improperly designed cabling, faulty NICs, duplex mismatches, or incorrectly configured channel service unit (CSU) line clocks.
    • STP failures or loops: Most STP problems are related to forwarding loops caused by unblocked ports in redundant topologies, leading to traffic being forwarded indefinitely in circles. High STP topology change rates can cause excessive flooding.

    Symptoms and Causes of Network Problems: Network Layer

    • Network failure: The network becomes nearly or completely non-functional, impacting all users and applications.
    • Suboptimal performance: Affects a subset of users, applications, destinations, or specific traffic types. These issues can be challenging to detect, isolate, and diagnose as they often involve multiple layers.

    Network Layer Troubleshooting: Common Problem Causes

    • General network issues: Changes in the network topology can have unknown effects on other areas. Verify if any recent changes or work on the network infrastructure occurred.
    • Connectivity issues: Check for equipment and connectivity problems like power issues, environmental factors, and Layer 1 issues (cabling, ports, ISP problems).
    • Routing table issues: Inspect for unexpected entries, missing routes, or unexpected routes in the routing table.
    • Neighbor issues: Verify if any problems exist with routers forming neighbor adjacencies.
    • Topology database issues: Ensure that there are no unexpected entries or missing entries in the topology database.

    Transport Layer Troubleshooting - ACLs: Common Misconfiguration Areas

    • Selection of traffic flow: ACLs should be applied to the correct interface and traffic direction.
    • Order of access control entries: ACL entries should be ordered from specific to general.
    • Implicit deny any: An implicit ACE can be a source of misconfiguration.
    • Addresses and IPv4 wildcard masks: While complex IPv4 wildcard masks are efficient, they are prone to configuration errors.
    • Selection of transport layer protocol: Only the correct transport layer protocol should be specified in an ACE.
    • Source and destination ports: Ensure that the correct inbound and outbound ports are specified in an ACE.
    • Use of the established keyword: Misusing the "established" keyword can lead to unintended consequences.
    • Uncommon protocols: Misconfigured ACLs can cause problems for protocols besides TCP and UDP.

    Transport Layer Troubleshooting - NAT for IPv4: Interoperability Challenges

    • BOOTP and DHCP: BOOTP and DHCP may face difficulties operating over a router running static or dynamic NAT as NAT requires valid source and destination IPv4 addresses while BOOTP requests have a source address of 0.0.0.0. Configuring the IPv4 helper feature can address this.
    • DNS: A DNS server outside the NAT router might not have an accurate representation of the network inside. Configuring the IPv4 helper feature can help.
    • SNMP: An SNMP management station on one side of a NAT router might not be able to contact SNMP agents on the other side. Configuring the IPv4 helper feature can help.
    • Tunneling and encryption protocols: These protocols often necessitate specific UDP or TCP ports or use a protocol at the transport layer that NAT cannot process.

    Application Layer Troubleshooting

    • SSH/Telnet: Enables terminal session connections with remote hosts.
    • HTTP: Supports text, images, sound, video, and multimedia file exchange on the web.
    • FTP: Performs interactive file transfers between hosts.
    • TFTP: Handles basic interactive file transfers between hosts and network devices.
    • SMTP: Supports basic message delivery services.
    • POP: Connects to mail servers for email downloads.
    • SNMP: Collects management information from network devices.
    • DNS: Maps IP addresses to device names.
    • NFS (Network File System): Allows computers to mount and use drives on remote hosts.

    Troubleshooting IP Connectivity

    • Bottom-up approach for end-to-end connectivity issues: Verifying physical connectivity, duplex mismatches, data link and network layer addressing, default gateway, routing paths, transport layer functionality, ACLs, and DNS settings.
    • Key utilities for verifying end-to-end connectivity: Ping and traceroute.
    • "show interfaces" command helps troubleshoot performance issues and identify hardware faults by analyzing interface status, input/output queue drops, and input/output errors.

    Gigabit Ethernet

    • IEEE 802.3ab standard mandates autonegotiation for speed and duplex
    • Fast Ethernet NICs default to autonegotiation
    • Duplex mismatches cause connectivity issues

    Addressing

    • arp (Windows) command displays and modifies ARP cache entries
    • ARP cache stores IPv4 and MAC addresses

    VLANs

    • VLAN assignment errors cause connectivity issues
    • Example: Fa0/1 should be in VLAN 10 instead of VLAN 1

    Default Gateway

    • Misconfigured or missing default gateways cause connectivity problems
    • Useful commands to verify default gateway:
      • show ip route (R1)
      • route print or netstat –r (PC1)

    IPv6 Default Gateway

    • Can be configured manually, using SLAAC, or via DHCPv6
    • Example: PC cannot acquire IPv6 configuration using SLAAC
    • show ipv6 interface command verifies if R1 is an IPv6 router
    • R1 is a member of ff02::2 (All-IPv6-Routers multicast group)

    Routing

    • Longest prefix match is used for forwarding IPv4 and IPv6 packets
    • Routing table entries with the highest number of matching bits are used

    Transport Layer

    • ACL configurations and NAT configurations are common causes of transport layer issues
    • Telnet is a tool for testing transport layer functionality

    Access Control Lists (ACLs)

    • ACLs can prohibit or allow protocols on interfaces
    • Example: ACL 100 incorrectly configured on G0/0/0 instead of S0/1/1

    Domain Name System (DNS)

    • DNS maps hostnames to IP addresses
    • ip host command adds names to be used in place of IPv4 addresses
    • nslookup (Windows) command displays name-to-IP mapping information

    Troubleshooting Process (Seven Steps)

    • Define the problem
    • Gather information
    • Analyze information
    • Eliminate possible causes
    • Propose hypothesis
    • Test hypothesis
    • Solve the problem

    Troubleshooting Methods

    • Bottom-up approach:
      • Verify physical layer
      • Check for duplex mismatches
      • Verify addressing and default gateway
      • Verify routing path
      • Verify transport layer
    • Troubleshooting Tools:
      • NMS tools
      • Knowledge bases
      • Baselining tools
      • Protocol analyzers
      • Digital multimeters
      • Cable testers
      • Cable analyzers
      • Portable network analyzers
      • Cisco Prime NAM
      • Syslog servers

    Troubleshooting Scenarios

    • Packet Tracer - Troubleshoot Enterprise Networks
    • Packet Tracer – Network Troubleshooting
    • Packet Tracer – Troubleshoot Challenge – Use Documentation to Solve Issues

    Network Documentation

    • Physical and logical network topologies
    • Network device documentation
    • Network performance baseline documentation

    Layer-Specific Problems

    • Physical layer: Failures and suboptimal conditions
    • Data link layer: Encapsulation errors, address mapping errors, framing errors, STP failures or loops
    • Network layer: IPv4, IPv6, routing protocols (EIGRP, OSPF, etc.)
    • Transport layer: Misconfigured NAT or ACLs
    • Application layer: Unreachable or unusable resources

    Network Documentation

    • Comprehensive network documentation is essential for effective monitoring and troubleshooting.
    • Documentation includes physical and logical network topology diagrams, device information, and network performance baselines.
    • Store all documentation in a single location and maintain a separate backup.

    Network Topology Diagrams

    • Network topology diagrams depict the physical and logical connections of devices in the network.
    • Physical topology diagrams show the actual cabling and connections of devices, while logical topology diagrams display the functional connections without considering physical locations.

    Network Device Documentation

    • Maintain accurate and up-to-date records for all network devices, including hardware and software information.
    • Documentation should cover routers, switches, and end systems for easy retrieval and analysis.

    Establish a Network Baseline

    • A network baseline defines typical network performance under normal conditions to identify deviations and potential issues.
    • It involves gathering and analyzing performance data from critical devices and ports.
    • Use the baseline data to identify network congestion, underutilization, and assess the network's capacity to meet business requirements.

    Data Collection for Network Baseline

    • Start with a few key variables for initial baselining, such as interface and CPU utilization.
    • Identify target devices and ports, including servers, routers, switches, and administrative terminals.
    • Capture data for a minimum of seven days and ideally for two to four weeks, but not exceeding six weeks unless long-term trends are critical.
    • Conduct annual analysis of the entire network or baseline network segments on a rotating basis.

    Common Cisco IOS Commands for Data Collection

    • show version: Displays device uptime, software version, and hardware information.
    • show ip interface [brief]: Summarizes configuration settings for all interfaces.
    • show ipv6 interface [brief]: Summarizes configuration settings for IPv6 interfaces.
    • show interfaces: Provides detailed information for each interface.
    • show ip route [static | eigrp | ospf | bgp]: Displays IPv4 routing table content for different routing protocols.
    • show ipv6 route [static | eigrp | ospf | bgp]: Displays IPv6 routing table content for different routing protocols.
    • show cdp neighbors detail: Provides detailed information about directly connected Cisco devices.
    • show arp: Displays the ARP table content (IPv4) and neighbor table (IPv6).
    • show ipv6 neighbors: Displays neighbor information for IPv6.
    • show running-config: Displays the current device configuration.
    • show vlan: Displays the status of VLANs on a switch.
    • show port: Displays the status of ports on a switch.
    • show tech-support: Collects detailed information from the device for technical support reporting.

    Troubleshooting Process

    • Utilize a structured approach to network troubleshooting to minimize resolution time.
    • There are several troubleshooting processes, such as a three-stage process or a seven-step process.

    Seven-Step Troubleshooting Process

    • Define the Problem: Clearly identify the network problem and its scope.
    • Gather Information: Collect relevant data from affected devices, using tools like ping, traceroute, telnet, SSH, and various Cisco IOS commands.
    • Analyze Information: Identify possible causes using network documentation, baselines, knowledge bases, and peer expertise.
    • Eliminate Possible Causes: Systematically rule out potential causes to determine the most likely culprit.
    • Propose Hypothesis: Based on the analysis, propose a solution and document the reasoning.
    • Test Hypothesis: Apply the solution, monitor the results, and ensure a rollback plan is available in case of unexpected outcomes.
    • Solve the Problem: Implement the solution, verify its effectiveness, and document both the cause and solution for future reference.

    Questioning End Users

    • Ask clear and open-ended questions to gather accurate information from end users.
    • Determine the scope of the issue, the affected devices, the exact problem, the timing of the problem, and if there are any error messages.
    • Identify any changes in the network configuration or environment.
    • Explore what works and what does not to narrow down potential issues.

    Troubleshooting with Layered Models

    • Utilize the OSI and TCP/IP models to isolate network problems.
    • Analyze individual devices and corresponding OSI layers during the troubleshooting process.

    Structured Troubleshooting Methods

    • Bottom-Up: Begin by testing the physical layer and progressively work upwards to higher layers. Effective for physical layer problems or simpler software issues.
    • Top-Down: Start at a middle layer (e.g., Layer 3) and test both upwards and downwards. Suitable for complex issues.
    • Divide-and-Conquer: Break down the network into smaller segments and test each section individually. Helps isolate the problem area.
    • Follow-the-Path: Trace the data path from source to destination to pinpoint the failure point.
    • Substitution: Swap a suspected device with a known-good one to determine if it's causing the problem.
    • Comparison: Compare a nonoperational element to a working counterpart to identify differences and potential causes.
    • Educated Guess: Requires significant experience and intuition to directly pinpoint the problem.

    Choosing a Troubleshooting Method

    • Select the most appropriate troubleshooting method based on the identified problem and the specific network environment.
    • Experience gained from successfully resolving problems will improve troubleshooting skills.

    Troubleshooting Tools

    • Network Management Software: Provides device-level monitoring, configuration, and fault management.
    • System Tools: Used to diagnose and resolve network issues.
    • Knowledge Bases: Offer valuable troubleshooting information from vendors and other network administrators.
    • Baselining Tools: Automate network documentation and baselining processes, including diagram creation, software/hardware inventory, and bandwidth utilization analysis.

    Protocol Analyzers

    • Capture and display network traffic data from the physical layer to the application layer.
    • Analyze captured packets to understand network communication patterns and identify potential issues.

    Troubleshooting Tools

    • Protocol Analyzers, like Wireshark, can help troubleshoot performance issues on a network

    Hardware Troubleshooting Tools

    • Digital Multimeters are handheld devices used to test various communication cables
    • Cable Testers are also handheld devices designed for the testing and certification of copper and fiber optic cables
    • Portable Network Analyzers are used for troubleshooting switched networks and VLANs.
    • Cisco Prime NAM is a browser interface that allows for performance analysis of devices in both switched and routed environments

    Syslog Server as a Troubleshooting Tool

    • Syslog is used by syslog clients to send text-based log messages to a syslog server
    • Log messages can be sent to different places, including the console, VTY lines, memory buffer, and syslog server
    • Cisco IOS log messages are organized into eight levels, ranging from zero (emergencies) to seven (debugging)
    • The console displays messages at level seven (debugging) by default
    • Levels 0-5 (emergencies to notifications) are sent to the syslog server (209.165.200.225)

    Symptoms and Causes of Network Problems

    • Physical layer network problems are common, with symptoms including a performance decrease, loss of connectivity, and network bottlenecks or congestion
    • High CPU utilization rates indicate that a device is operating at or exceeding its design limitations
    • Console error messages can indicate a physical layer problem and should be logged to a central syslog server

    Physical Layer Troubleshooting - Underlying Issues

    • Power-related issues can be caused by failing fans or blocked air vents
    • Hardware faults include faulty/corrupt NIC driver files, bad cabling and grounding problems
    • Cabling faults include damaged cables, improper cable use, and poorly crimped connectors
    • Attenuation results when cable length exceeds the design limit for the media, or when there is a poor connection because of a loose cable, dirty contacts, or corroded connectors
    • Noise can be generated by crosstalk or other sources, such as nearby electrical cables, large electric motors, or radio stations
    • Interface configuration errors include incorrect clock rates, the incorrect clock source, and a turned-off interface
    • Exceeding design limits means components can be utilized beyond specifications and lead to sub-optimal performance
    • CPU overload can cause slow performance, or even system shutdowns, and symptoms include high CPU utilization, slow performance, input queue drops, and failed pings
    • Some data link layer problems can prevent frames from being exchanged across a link, while others only degrade network performance
    • Excessive broadcasts can result from poorly programmed or configured applications, a large Layer 2 broadcast domain, or underlying network problems
    • Console messages can indicate a Layer 2 problem, and the line protocol down message is the most common
    • Network issues can indicate improper link configuration or failing hardware
    • Encapsulation errors occur when bits placed in a field by the sender are not what the receiver expects
    • Address mapping errors occur when Layer 2 and Layer 3 addressing is unavailable
    • Framing errors could be caused by noisy lines, improperly designed cables, faulty NICs, a duplex mismatch, or an incorrectly configured channel line clock (CSU)
    • Spanning tree protocol (STP) failures or loops are most commonly related to forwarding loops that occur when no ports are blocked in a redundant topology and traffic is forwarded indefinitely
    • Excessive flooding can occur if there is a high rate of changes to the STP topology

    Network Layer Troubleshooting

    • Network Layer failures can affect all users and applications on the network
    • Optimization issues can be difficult to detect and diagnose because they may involve multiple layers, or even a single host computer
    • Network layer issues may take time to diagnose

    Network Layer Troubleshooting - Underlying Issues

    • General network issues may occur as a result of changes in the topology
    • Connectivity issues can be caused by equipment and connectivity problems, including power problems, environmental problems, and Layer 1 problems, such as cabling problems, bad ports, and ISP problems.
    • Routing table issues can be caused by missing or unexpected routes
    • Neighbor issues can be caused by problems with routers forming neighbor adjacencies.
    • Topology database issues can be caused by missing or unexpected entries

    Transport Layer Troubleshooting - ACLs

    • It is important for Access Control Lists (ACLs) to be applied to the correct interface in the correct traffic direction
    • ACL configuration errors can occur when the entries are not from specific (narrow) to general (broad)
    • The implicit deny statement can be a cause of ACL misconfigurations
    • Complex IPv4 wildcard masks can be more efficient, but more subject to configuration errors
    • The wrong transport layer protocol can be specified in an ACE
    • Improper source ports, or destination ports, can also be specified
    • Incorrectly applying the established keyword can result in unexpected results
    • Misconfigured ACLs can be problematic for protocols other than TCP and UDP

    Transport Layer Troubleshooting - NAT for IPv4

    • Using NAT with BOOTP and DHCP can be difficult since NAT requires a valid source and destination IP address, but a DHCP-Request packet has a source IPv4 address of 0.0.0.0
    • Configuring IPv4 helper features can solve the problem
    • DNS servers outside of NAT routers don't always have an accurate representation of the network inside the router
    • Configuring IPv4 helper features can also help with this problem
    • SNMP management stations on one side of a NAT router may not be able to connect with SNMP agents on the other side of the router
    • Configuring IPv4 helper features can help with this problem
    • Tunneling and encryption protocols often require specific UDP or TCP ports, or use a protocol at the transport layer that NAT can't process

    Application Layer Troubleshooting

    • SSH/Telnet enables users to establish terminal connections with remote hosts
    • HTTP supports the exchange of text, graphic images, sound, video, and other files on the web
    • FTP is used for interactive file transfers between hosts
    • TFTP performs basic file transfers typically between hosts and networking devices
    • SMTP is used for basic message delivery services
    • POP is used to connect to mail servers and download email.
    • SNMP is used to collect management information from network devices.
    • DNS maps IP addresses to the names assigned to network devices
    • Network File System (NFS) enables computers to mount and use drives on remote hosts

    Troubleshooting IP Connectivity

    • A bottom-up approach should be used when end-to-end connectivity is lost
    • The first step of the troubleshooting process should be to check physical connectivity at the point where communication stops
    • It is then important to check for duplex mismatches
    • Next, data link and network layer addressing should be checked on the local network
    • Then, the default gateway must be verified
    • It is also important to check the path from the source to the destination and verify that devices are taking the correct path.
    • Next, check that the transport layer is functioning correctly
    • Verify that ACLs are not blocking traffic
    • Finally, ensure that the DNS settings are correct

    End-to-End Connectivity and Ping and Traceroute

    • Troubleshooting efforts are often initiated by a loss of end-to-end connectivity
    • Ping and Traceroute are two utilities commonly used to verify a problem with end-to-end connectivity

    Step 1: Verify the Physical Layer

    • The show interfaces command can be used to troubleshoot performance-related issues, and when hardware is suspected of failure
    • The output is of interest for troubleshooting:
      • Interface status
      • Input queue drops
      • Output queue drops
      • Input errors
      • Output errors

    Troubleshooting IP Connectivity

    • Duplex mismatch, a scenario when both ends of a link are not set to the same speed and duplex (half-duplex or full-duplex), can cause connectivity issues.
    • The arp command in Windows is used to display and manage ARP cache entries, which store IPv4 addresses and their corresponding MAC addresses.
    • VLAN assignment errors can disrupt connectivity.
    • Misconfigured or missing default gateways can cause connectivity problems.
    • To verify the default gateway on a router, use the show ip route command.
    • On a PC, use route print or netstat -r to verify the default gateway.
    • IPv6 default gateways can be configured manually, through SLAAC, or using DHCPv6.
    • When troubleshooting, verify the routing path to the destination network using the longest prefix match.
    • Transport layer connectivity issues can be caused by ACL configuration and NAT configuration.
    • Telnet can be used to test transport layer functionality.
    • ACLs on routers can prohibit protocols from passing through interfaces.
    • DNS translates hostnames to IP addresses.
    • ip host command in global configuration mode is used to map a hostname to an IP address.
    • nslookup command in Windows displays hostname to IP address mappings.
    • Packet Tracer offers activities to practice troubleshooting enterprise networks including verifying switching technologies, DHCP, routing, WAN technologies and connectivity.

    Structured Design

    • Network documentation includes physical and logical network topologies, network device documentation, and performance baseline documentation.
    • The seven-step troubleshooting process includes:
      • Define the problem
      • Gather information
      • Analyze information
      • Eliminate possible causes
      • Propose hypothesis
      • Test hypothesis
      • Solve the problem
    • Troubleshooting tools include NMS tools, knowledge bases, baselining tools, protocol analyzers, digital multimeters, cable testers, cable analyzers, portable network analyzers, Cisco Prime NAM, and syslog servers.
    • Physical layer issues can cause connectivity failures and suboptimal performance.
    • Data link layer issues include encapsulation errors, address mapping errors, framing errors, and STP failures or loops.
    • Network layer issues include IPv4, IPv6, and routing protocols like EIGRP and OSPF.
    • Transport layer issues can be misconfigured NAT or ACLs.
    • Application layer issues can lead to unreachable or unusable resources.
    • A bottom-up troubleshooting approach is recommended, starting with the physical layer, checking for duplex mismatches, verifying addressing and default gateway, verifying the correct path, and finally inspecting the transport layer.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Related Documents

    Description

    Test your knowledge on Cisco networking protocols such as CDP, NTP, and SNMP. This quiz covers commands, configurations, and default settings that are essential for managing Cisco devices effectively. Prepare to dive deep into the functionalities and features of these protocols.

    More Like This

    CISCO Networking Quiz
    10 questions
    Cisco Networking Fundamentals Quiz
    43 questions
    Cisco Networking Academy Overview
    10 questions
    Use Quizgecko on...
    Browser
    Browser