Use idle ports of vswitches to troubleshoot vswitches

You may have heard of many troubleshooting methods for vswitches by Using idle ports of vswitches. The following describes how to use idle ports of vswitches to analyze network traffic, how can we use this method to make it easier for us? The following describes how to troubleshoot a vswitch.

In a switched network, it is often more difficult to troubleshoot a vswitch than to troubleshoot a vro. Although the working principle of a vro is much more complex than that of A vswitch. Today, I want to introduce some of my own vswitch maintenance experience and teach you two simple ways to troubleshoot vswitches. I hope this will help you.

Analyze network traffic using idle ports of vswitches

When network congestion or other problems occur, we first need to analyze some data traffic. Only after analysis can we remedy the problem and solve the problem quickly. For this reason, I like to access a detection tool, such as a protocol analysis instrument, on the idle port of the switch when troubleshooting the switch.

Connect the protocol analysis instrument directly to the idle port of the switch. In this case, you can view the broadcast domain of the switch without interrupting the current service. The network administrator can determine whether a network failure is caused by too many broadcast domains.

However, in practice, there is also a switch troubleshooting tips. As we all know, a vswitch is a layer-2 network device that forwards traffic to a broadcast domain, but does not forward other traffic. That is to say, a vswitch belongs to a large broadcast domain, not a conflict domain.

Therefore, the switch does not distribute any valuable traffic to the monitored port. The switch forwards data traffic directly to the corresponding destination port. In these idle ports, protocol analysis instruments can only monitor broadcast packets, but cannot monitor other information traffic.

Because almost all the traffic forwarded to the idle port (Monitoring Port) is broadcast, including some sporadic frames with unknown destination addresses. These sporadic frames are due to the aging of the route forwarding table. It can be seen that without special processing, even if the monitoring device is connected to the idle port, it can only discover infinite broadcast packets, rather than monitor other valuable information traffic.

The most expensive monitoring equipment must also be able to help our administrators find the crux of the problem when there is traffic. These monitoring devices cannot do anything without valuable traffic. To solve this problem, our network administrator needs to troubleshoot the switch. However, this idle port can also receive traffic from other ports.

At this time, the port mirroring technology can help us effectively solve the problem of switch troubleshooting. Port Mirroring backs up traffic from some ports to an idle port so that the idle port has the same information traffic. Cisco switches basically have this technology.

Cisco switches can connect monitoring tools to a dedicated idle port. In earlier versions of Cisco, there may be limits on this port. However, for vswitches currently available in the market, you can configure any idle vswitch port to implement port mirroring technology.

However, you also need to pay attention to a switch troubleshooting problem. In order to improve the forwarding efficiency, the switch directly filters out some wrong packets and information when forwarding traffic. In normal times, this can significantly improve the efficiency of switch data forwarding.

However, our network administrator does not want to see this situation when troubleshooting the switch. This error message may indicate the crux of the problem. If you want to troubleshoot the network, you must change the configuration of the vswitch. However, after troubleshooting is completed, you need to promptly change this parameter back.

When monitoring the Image Port, you also need to pay attention to the packet loss problem. The output capability of the monitoring port is often an important factor that affects the final troubleshooting effect. The Image Port is the same as the common switch port. It can be received or sent.

However, to simplify the monitoring data, we usually disable the packet sending function of the monitoring port When configuring the mirror port. The monitor can only analyze the received information traffic. Despite this configuration, the Image Port's receiving capability is still limited.

If the rate of the fully-duplex port to be monitored is the same as that of the mirror port, the mirror port may lose packets when the switch forwards traffic. The traffic of the monitored port may exceed the receiving capacity of the Image Port. Therefore, although theoretically any idle port can be used as the mirror port.

However, to reduce packet loss, the network administrator still needs to make some choices when preparing the Image Port. At least ensure that the performance of the Image Port is higher than that of the monitored port. This ensures that the monitor has a correct switch troubleshooting result.

Therefore, in order to reduce the occurrence of port packet loss, I have two suggestions. First, do not mirror the information traffic of multiple monitored ports to one port, which will aggravate packet loss. Second, when selecting an Image Port, it is best to select a high-speed idle port as the monitoring port.