Topic7-Part II Modules8-9.pdf
Part II Routing Protocols and Concepts

Part II Module 8: TCP/IP Suite Error and Control Messages

8.1 Overview of TCP/IP Error Message

8.1.1 ICMP

IP is a best-effort delivery system. It has no mechanism to ensure that data is delivered over a network. Data may fail to reach its destination for a variety of reasons, such as hardware failure, improper configuration, or incorrect routing information. To help identify these failures, IP uses the Internet Control Message Protocol (ICMP) to notify the sender of the data that there was an error in the delivery process. ICMP does not overcome the unreliability issues in IP. Reliability is provided by upper layer protocols.

8.1.2 Error reporting and error correction

Workstation 1 tries to send a datagram to Workstation 6, but Fa0/0 on Router C goes down. Router C uses ICMP to send a message back to Workstation 1. The message indicates that the datagram could not be delivered. ICMP does not correct any network problems that it encounters; it only reports them.

When Router C receives the datagram from Workstation 1, it knows only the source and destination IP addresses of the datagram. It does not know the exact path that the datagram took. Therefore, Router C can only notify Workstation 1 of the failure, and no ICMP messages are sent to Router A and Router B.

8.1.3 ICMP message delivery

ICMP messages are encapsulated into datagrams in the same way any other data is delivered when IP is used. Since ICMP messages are transmitted in the same way as any other data, they are subject to the same delivery failures. This creates a scenario where error reports could generate more error reports and cause increased congestion on a network. For this reason, errors created by ICMP messages do not generate their own ICMP messages.
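The encapsulation and the loop-prevention rule from 8.1.3, as an added Python example that is not part of the original slides. It parses an IPv4 datagram, checks the ICMP checksum, and applies the rule as RFC 1122 states it: no ICMP error is sent about a datagram that itself carries an ICMP error message. The function names and the sample packets are constructed for illustration.

```python
import struct

# RFC 1122 classes these ICMP types as error messages; the rest are queries/replies.
ICMP_ERROR_TYPES = {3, 4, 5, 11, 12}

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by the IP and ICMP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp(datagram: bytes):
    """Return (type, code, checksum_ok) for an IPv4 datagram carrying ICMP, else None."""
    if len(datagram) < 20 or datagram[0] >> 4 != 4:
        return None
    ihl = (datagram[0] & 0x0F) * 4
    total_len = struct.unpack("!H", datagram[2:4])[0]
    icmp = datagram[ihl:total_len]
    if ihl < 20 or datagram[9] != 1 or len(icmp) < 8:   # protocol 1 = ICMP
        return None
    # A checksum computed over an intact message (checksum field included) is 0.
    return icmp[0], icmp[1], inet_checksum(icmp) == 0

def may_report_error(datagram: bytes) -> bool:
    """May a router send an ICMP error about this undeliverable datagram?"""
    parsed = parse_icmp(datagram)
    return parsed is None or parsed[0] not in ICMP_ERROR_TYPES

def icmp_message(mtype: int, code: int, rest: bytes) -> bytes:
    """Build an ICMP message with a correct checksum."""
    body = struct.pack("!BBH", mtype, code, 0) + rest
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

def ip_datagram(proto: int, payload: bytes) -> bytes:
    """Constructed sample: 20-byte IPv4 header (documentation addresses) + payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:] + payload

# Constructed inputs: an echo request, and a destination-unreachable (type 3, code 1)
# that quotes the echo request's IP header and first 8 bytes, as ICMP errors do.
ECHO = ip_datagram(1, icmp_message(8, 0, struct.pack("!HH", 0x1234, 1) + b"ping"))
UNREACH = ip_datagram(1, icmp_message(3, 1, bytes(4) + ECHO[:28]))
UDP = ip_datagram(17, struct.pack("!HHHH", 40000, 33434, 8, 0))
```

An undeliverable echo request or UDP datagram may be reported, while an undeliverable destination-unreachable message is dropped silently.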
8.1.4 Unreachable networks

E.g., a non-existent IP address or a destination device that is disconnected from its network.

8.1.5 Use ping to test destination reachability

The ICMP protocol can be used to test the availability of a particular destination. The echo request message is typically initiated with the ping command.

8.1.6 Detecting excessively long routes

Whether the actual path includes a circular routing path or too many hops, the packet will eventually exceed the maximum hop count, resulting in unreachable destinations.

8.2 ICMP Messages

Type 0, 8: Echo messages

- type and code
- identifier and sequence number: unique to the echo request and echo reply messages; used to match the echo replies to the corresponding echo request.
- data: contains additional information that may be a part of the echo reply or echo request message.

Type 3: Destination unreachable message

Datagrams cannot always be forwarded to their destinations, e.g., because of hardware failures, improper protocol configuration, down interfaces, and incorrect routing information.

An ICMP destination unreachable message header:

- type = 3
- code = the unreachable reason. See table.

To effectively troubleshoot an IP network, it is necessary to understand the various causes of ICMP destination unreachable messages.

Type 5: Redirect/change requests

Normally, Host B is connected to a single gateway. However, a host may be connected to a segment that has two or more directly connected routers. In this case, the default gateway of the host may need to use a redirect/change request to inform the host of the best path to a certain network.

Host B sends a packet to Host C on network 10.0.0.0/8. Since Host B is not directly connected to the same network, it forwards the packet to its default gateway, Router A. Router A finds the correct route to network 10.0.0.0/8 by looking into its route table. It determines that the path to the network is back out the same interface the request to forward the packet came from. It forwards the packet and sends an ICMP redirect/change request to Host B. The request instructs Host B to use Router B as the gateway to forward all future requests to network 10.0.0.0/8.

Default gateways only send ICMP redirect/change request messages if the following conditions are met:

- The interface on which the packet comes into the router is the same interface on which the packet gets routed out.
- The subnet/network of the source IP address is the same subnet/network of the next-hop IP address of the routed packet.
- The datagram is not source-routed.
- The route for the redirect is not another ICMP redirect or a default route.
- The router is configured to send redirects.

By default, Cisco routers send ICMP redirects. The interface subcommand no ip redirects will disable ICMP redirects.

Type 13, 14: Clock synchronization and transit time estimation

- type: 13 = a timestamp request or 14 = a timestamp reply.
- code: always set to 0 because there are no additional parameters available.
- originate timestamp: the time on the requesting host just before the timestamp request is sent.
- receive timestamp: the time that the destination host receives the ICMP timestamp request.
- transmit timestamp: filled in just before the ICMP timestamp reply is returned.

While ICMP timestamp messages provide a simple way to estimate time on a remote host and total network transmit time, this is not the best way to obtain this information. Instead, more robust protocols such as Network Time Protocol (NTP) at the upper layers of the TCP/IP protocol stack perform clock synchronization in a more reliable manner.

8.3 Traceroute

Traceroute sends out a sequence of UDP datagrams from the router to an invalid port address on the remote host. For the first sequence of three datagrams, a TTL field value is set to 1.
The TTL value of 1 causes the datagram to time out at the first router in the path. This router then responds with an ICMP Time Exceeded Message (TEM) indicating that the datagram has expired. Three more UDP messages are now sent, this time with the TTL value set to 2. This causes the second router to return ICMP TEMs. This process continues until the packets actually reach the other destination or the maximum TTL has been reached. The default maximum TTL for traceroute is 30. Since these datagrams are trying to access an invalid port at the destination host, ICMP Port Unreachable Messages are returned instead of ICMP TEMs. This indicates an unreachable port and signals the Traceroute program to end the process.

Part II Module 9: Basic Router Troubleshooting

- show ip route: to gather detailed information about the routes installed on the router
- ping: to perform basic network connectivity tests
- telnet: to verify the application layer software between source and destination stations
- show interfaces: to confirm Layer 1 and Layer 2 problems
- show ip route and show ip protocol: to identify routing issues
- show cdp: to verify Layer 2 connectivity
- traceroute: to identify the path packets take between networks
- show controllers serial: to ensure the proper cable is attached
- debug: to monitor router activity

9.1 Examining the Routing Table

9.1.1 The show ip route command

Additional commands that can be used with the show ip route command:

- show ip route connected
- show ip route address
- show ip route rip
- show ip route igrp
- show ip route static

9.1.2 Determining the gateway of last resort

or ip route 0.0.0.0 0.0.0.0 192.168.17.0

9.1.4 Determining L2 and L3 addresses

Do Interactive Media Activity

9.1.5 Determining the route administrative distance

9.1.8 Determining the last routing update

- show ip route
- show ip route address
- show ip protocols
- show ip rip database

9.1.9 Observing multiple paths to destination

IGRP supports unequal cost path load balancing, which is known as variance. The variance command instructs the router to include routes with a metric less than n times the minimum metric route for that destination. The variable n can take a value between 1 and 128, with the default being 1, which means equal cost load balancing.

- E-B-A with a metric of 30
- E-C-A with a metric of 20
- E-D-A with a metric of 45

Router E chooses the path E-C-A with a metric of 20 (as 20 is better than 30 and 45). Configuring variance with a multiplier of 2 increases the minimum metric to 40 (2 * 20 = 40). IGRP includes all routes that have a metric of less than 40. IGRP now uses two paths to get to Network X, E-C-A and E-B-A, because both paths have a metric of under 40.

The output from show ip route from rt1 before the variance is configured.

The output from show ip route from rt1 after the variance is configured.

The preferred route is interface FastEthernet 0/0, but Serial 0/0 will also be used. After the variance command is executed, IGRP will use load balancing between the two links.

9.2 Network Testing

9.2.2 Using a structured approach to troubleshooting

9.2.3 Testing by OSI layers

Layer 1 errors can include the following:

- Broken cables
- Disconnected cables
- Cables connected to the wrong ports
- Intermittent cable connection
- Rollover, crossover, or straight-through cables used incorrectly
- Transceiver problems
- DCE cable problems
- DTE cable problems
- Devices turned off

Layer 2 errors can include the following:

- Improperly configured serial interfaces
- Improperly configured Ethernet interfaces
- Improper encapsulation set
- Improper clockrate settings on serial interfaces
- Network interface card (NIC) problems

Layer 3 errors can include the following:

- Routing protocol not enabled
- Wrong routing protocol enabled
- Incorrect IP addresses
- Incorrect subnet masks

9.2.5 Layer 3 troubleshooting using ping

9.2.6 Layer 7 troubleshooting using Telnet

A successful Telnet connection indicates that the upper-layer application and the services of lower layers are functioning properly. If an administrator can Telnet to one router but not to another router, verify lower layer connectivity. If connectivity has been verified, it is likely that the Telnet failure is caused by specific addressing, naming, or access permission problems.

9.2 Troubleshooting Router Issues Overview

9.3.1 Troubleshooting Layer 1 using show interfaces

The 1st parameter, which is line, refers to the physical layer. The 2nd parameter refers to the protocol. When the line is down, the protocol is always down. If the interface is down, a hardware problem exists, or it is administratively down. If the interface is up and the protocol is down, a Layer 2 problem exists, e.g.:

- No keepalives (after missing 3 consecutive keepalives, the protocol is marked as down)
- No clock rate
- Mismatch in encapsulation type

9.3.3 Troubleshooting using show cdp

This information is useful for debugging connectivity issues. If a cabling problem is suspected, enable the interfaces with the no shutdown command and then execute the show cdp neighbors detail command before any other configuration. If no known device appears, this usually indicates a Layer 1 problem.

One area of concern with CDP is security. The amount of information CDP provides is so extensive that it can be a potential security hole. For security reasons, CDP should be configured only on links between Cisco devices and disabled on user ports or links that are not locally managed.

9.3.4 Troubleshooting using traceroute

If an asterisk (*) appears, the packet failed. The round trip time (RTT) is the time required to send an echo packet and get a response. A failed response is not always an indication of a problem because ICMP messages could be rate-limited or filtered at the host site.

9.3.6 Troubleshooting using show controllers

The show controllers command produces a large amount of output.
Other than the cable type, most of this output is internal technical detail about the controller chip status. Without specific knowledge of the integrated circuit, this information is of little use.

9.3.7 Introduction to debug

WARNING: The debug all command should be used sparingly as this can disrupt router operations.
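Two configuration points from these modules can be checked offline against a saved running-config: whether ICMP redirects are still at the Cisco default on routed interfaces (Type 5 in 8.2), and whether CDP is still enabled on user ports (9.3.3). The following is an added Python example, not part of the original slides. The sample config is constructed, the set of user ports is an assumption the caller supplies, and no cdp enable / no cdp run are the standard IOS commands for disabling CDP per interface and globally.

```python
import re

def parse_interfaces(config: str) -> dict:
    """Split an IOS running-config into {interface name: [subcommands]}."""
    blocks, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = blocks.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None   # "!" or a global command ends the interface block
    return blocks

def audit(config: str, user_ports: set) -> list:
    """Return (interface, finding) pairs; user_ports is supplied by the caller."""
    cdp_off_globally = re.search(r"^no cdp run\s*$", config, re.M) is not None
    findings = []
    for name, cmds in parse_interfaces(config).items():
        if "shutdown" in cmds:
            continue         # administratively down
        routed = any(c.startswith("ip address ") for c in cmds)
        if routed and "no ip redirects" not in cmds:
            findings.append((name, "ICMP redirects at default (enabled)"))
        if name in user_ports and not cdp_off_globally and "no cdp enable" not in cmds:
            findings.append((name, "CDP enabled on user port"))
    return findings

# Constructed sample config; interface roles are assumptions for the example.
SAMPLE = """\
hostname rt1
!
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
!
interface FastEthernet0/1
 ip address 192.168.2.1 255.255.255.0
 no ip redirects
 no cdp enable
!
interface Serial0/0
 ip address 10.1.1.1 255.255.255.252
 no ip redirects
!
interface Serial0/1
 no ip address
 shutdown
!
"""
USER_PORTS = {"FastEthernet0/0", "FastEthernet0/1"}
```

Calling audit(SAMPLE, USER_PORTS) reports both findings for FastEthernet0/0 only; the other interfaces are either hardened, not user ports, or shut down.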