Sunday, March 17, 2019

troubleshoot connectivity cisco

https://www.cisco.com/c/en/us/support/docs/lan-switching/ethernet/10561-3.html

https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/12027-53.html?referring_site=smartnavRD

https://www.cisco.com/c/en/us/support/docs/lan-switching/ethernet/12006-chapter22.html

https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/28943-170.html



troubleshooting connectivity issues

== sh int fa0/0
Watch for errors such as:

Runts: Runts are frames smaller than 64 bytes.

CRC error: The cyclic redundancy checksum (CRC) value in the frame does not match the one calculated by the switch or router etc.

Collisions: Look for collisions on a full-duplex interface or excessive collisions on a half-duplex interface.

Late collision on a half-duplex interface: This occurs after the first 64 bytes of a frame.

Frames: A frame error has a CRC error.

== show controllers fa0/0

The output is more extensive, with precise error counts.
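
The counter checks listed above can be run automatically against saved "show interfaces" output. The following Python is an added example, not part of the original post: the sample output is constructed, the function names are hypothetical, and the 0.1% threshold for "excessive" collisions is an assumption.

```python
import re

# Constructed sample of "show interfaces" output, not captured from a real device.
SAMPLE = """\
FastEthernet0/0 is up, line protocol is up
  Full-duplex, 100Mb/s, 100BaseTX/FX
     12 runts, 0 giants, 0 throttles
     57 input errors, 45 CRC, 12 frame, 0 overrun, 0 ignored
     9000 packets output, 720000 bytes, 0 underruns
     0 output errors, 3 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
FastEthernet0/1 is up, line protocol is up
  Half-duplex, 10Mb/s, 10BaseT
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     5000 packets output, 400000 bytes, 0 underruns
     0 output errors, 40 collisions, 0 interface resets
     0 babbles, 7 late collision, 0 deferred
"""
HEADER = re.compile(r"^(\S+) is .*line protocol is")
DUPLEX = re.compile(r"\b(Full|Half)-duplex")
COUNTER = re.compile(r"(\d+) (runts|CRC|frame|packets output|collisions|late collision)\b")

def parse(text):  # -> {interface: {"duplex": "full"|"half"|"unknown", counter: int}}
    ports, cur = {}, None
    for line in text.splitlines():
        head = HEADER.match(line)
        if head:
            cur = ports.setdefault(head.group(1), {"duplex": "unknown"})
        elif cur is not None:
            if (d := DUPLEX.search(line)):
                cur["duplex"] = d.group(1).lower()
            for value, name in COUNTER.findall(line):
                cur[name] = int(value)
    return ports

def findings(ports):
    """Apply the checks from the list above; return (interface, message) pairs."""
    out = []
    for port, c in ports.items():
        out += [(port, f"{c[k]} {k}") for k in ("runts", "CRC", "frame") if c.get(k)]
        coll, sent = c.get("collisions", 0), c.get("packets output", 0)
        if c["duplex"] == "full" and coll:
            out.append((port, "collisions on full-duplex"))
        if c["duplex"] == "half" and sent and coll / sent > 0.001:  # assumed 0.1% threshold
            out.append((port, "excessive collisions on half-duplex"))
        if c["duplex"] == "half" and c.get("late collision"):
            out.append((port, "late collisions on half-duplex"))
    return out
```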

No Connectivity between Switches
1) Check for interface shut down

== sh ip int br
== show ip interface fa0/0

If it is showing up/down, you have some Layer 2 troubleshooting to do.
An interface status of err-disable could be caused by many different problems. Common problems are a security violation or detection of a unidirectional link.

When a port is error disabled, it is effectively shut down and no traffic is sent or received on that port. The port LED is set to the color orange.

== switch# show interface status err-disabled

2) Verify your trunk links and EtherChannel, if configured, using the following commands:

"show interface trunk"
"show etherchannel summary"

Lack of reachability to devices in same VLAN
1) Eliminate Layer 1 issues using the "show ip interface" command.

R1#show ip interface fa0/0

2) Verify that the VLAN exists on the switch using the "show vlan" command.

SW#sh vlan

3) Verify that the interface is assigned to the correct VLAN using the "show interfaces switchport" command.

sw#show interfaces switchport fa1/15

If it is not in the correct VLAN, assign the port to the correct VLAN using the following steps:

conf t
int fa1/15
switchport access vlan 2

4) Verify that the VLAN is allowed on the trunk port using the "show interfaces trunk" command.

sw#show interfaces trunk

5) You can also use the Layer 2 traceroute utility to identify the Layer 2 path that a packet takes from a source device to a destination device, using the "traceroute mac [interface type interface_number] source_mac_address [interface type interface_number] destination_mac_address [vlan vlan_id] [detail]" command.

Intermittent reachability to devices in same VLAN

1) Check for spanning-tree problems such as BPDU floods or flapping MAC addresses.
Spanning-tree issues are possible in a network that has not been properly configured. One common STP problem is a change in the Root Bridge. If the Root Bridge is not properly configured, a change in root can cause a flood of BPDUs and affect network connectivity. Another known symptom of a loop is flapping of MAC addresses. A port configured with loop guard or root guard is put into an inconsistent state if it receives a superior BPDU; this can be verified using "show spanning-tree inconsistentports".

Some useful IOS commands:
"show spanning-tree"
"show spanning-tree detail"
"show spanning-tree root"
"show mac-address-table"

Finding IP address connected to a cisco switch port

If you don't know the IP addresses of the devices present on a specific VLAN and want to track an end device's IP address, try the following steps:

Step 1: Ping the broadcast IP address of the subnet from your L3 device (gateway).

For example, I have the following connectivity: R1 is connected to Sw1, and Sw1 to Sw2. Hosts H1 and H2 are connected to Sw2.

So for subnet 1.1.1.0/24 the broadcast IP is 1.1.1.255.

Let's ping 1.1.1.255 from the router. All hosts present on that LAN segment will reply, as you can see below, and the ARP table on the L3 device will be populated with IP addresses and their respective MAC addresses.

ping  1.1.1.255

Step 2: Then check the ARP entries using the "show arp" command on the L3 device; it will show you the MAC address associated with each IP address.
== sh ip arp

From the above table you can see that the MAC address of host 1.1.1.2 is c003.2498.0000.

Step 3: Now check which port the MAC address was learned from, as shown below:

R1#sh mac address c003.2498.0000

Step 4: Then use CDP (Cisco Discovery Protocol) to check which device is connected to the port on which you learned the MAC address.

In our scenario we have learned the MAC address from Fa1/1, so we need to check the CDP detail for fa1/1.

R1#sh cdp ne fa1/1 detail

Once you find the connected device, log in to it and again use the "sh mac address c003.2498.0000" command and the "sh cdp ne fa1/1 detail" command until you find the actual end port to which your host is connected. The above method is useful when you have CDP enabled on all your switches and your end host responds to broadcast messages.
