5th Cisco Test commands and TCP/IP connection failure handling
First, fault handling commands
1. Show command:
1) Global command:
Show version; Display system hardware and software versions, DRAM, Flash
Show Startup-config; display the configuration content written in NVRAM
Show Running-config; display the currently running configuration content
show buffers; the name and size of the verbose output buffer
Show stacks; provides router process and processor utilization information, using the stack decode
Show Tech-support; display output of several show commands
Show access-lists; view access list configuration
Show memory;
2) interface-related commands
Show queueing [Fair|priority|custom]
Show queue e0/1; View settings and operations for queues on an interface
Show interface E0/1; the Cisco default Ethernet encapsulation method is ARPA
show ip interface e0/1; Displays TCP/IP configuration information for the specified interface
3) process-related commands
Show processes CPU, display router CPU usage and current process
Show processes memory use of the current process of the router
4) TCP/IP protocol related commands
show IP access-list; display IP access list (1-199)
show ip arp; display the ARP cache for the router (IP, MAC, package type, interface)
show IP protocols; Displays information about the IP routing protocol running on the router
show IP route; display the information in the IP routing table
show IP traffic; Display IP traffic statistics
2. Debug command
Debug should not run on routers with a CPU usage of more than 50%.
1) Limit debug output
After using debug to obtain the required data, close the debug
To configure the router to use timestamps for all messages:
Router#service Timestamps Debug datetime msec localtime
Router#service timestamp log datetime msec localtime
By default, error and debug information is sent only to Console,telnet to see Debug and log information on the router. To see the debug and log messages in Telnet:
Router#terminal Monitor
router#terminal Monitor; Turn off information output
Router#undebug all; Turn off the debug process and the output of all relevant information
The ACL can be applied to debug in order to qualify only the debug information required for the output.
If you are viewing only ICMP packets from 10.0.1.1 to 10.1.1.1:
Router (config) #access-list 101 permit ICMP host 10.0.1.1 host 10.1.1.1
Router#debug IP Packet Detail 101
2) Global Debug Command:
3) Interface Debug
4) Protocol Debug
5) IP Debug
Debug IP Packets
3. Logging command
Output error and other information to the console, terminal, router internal buffer, or a syslog server:
Router>show Logging
Cisco routers have 8 possible logging levels: 0-7
Logging Level name Description
1 information not available for the emergencies system
2 Alerts Direct Action
3 Critical Emergency situation
4 Errors Error message
5 Warnings warning message
6 notifications a normal but important situation
7 Informational Information
8 Debugging Commissioning
By default, the console, monitor, and buffer logging are set to the debugging level, while the logging of the Trap (syslog) server is set to informational.
4. Perform routing core replication
Core dump contains an exact copy of the current system's in-memory information. The methods for capturing information contained in memory are:
1) Configure the router to execute core Dump on crash, store to TFTP, FTP, RCP server:
For the TFTP protocol, simply specify the TFTP server IP and do not require any additional configuration:
Router (config) #exception dump 192.168.1.1, the IP address of the TFTP server
Configuration of the FTP protocol:
Router (config) #exception dump 192.168.1.1; IP address of the FTP server
Router (config) #ip ftp username Kevin
Router (config) #ip ftp password Aloha
Router (config) #ip ftp source-interface E0
Router (config) #exception protocol FTP
Configuration of the RCP protocol:
Router (config) #exception protocol rcp
Router (config) #exception dump 192.168.1.1, the IP address of the RCP server
Router (config) #ip rcmd remote-username Kevin
Router (config) #ip rcmd rcp-enable
Router (config) #ip rcmd rsh-enable
Router (config) #ip rcmd remote-host Kevin 192.168.1.1 Kevin;
2) If the system does not crash, execute the core dump command.
Router#write Core
Core dump is only useful when Cisco engineers test and troubleshoot router problems.
5. Ping command
Ping is used to test the entire network for accessibility and connectivity. Can be used in user exec mode and in privileged exec mode.
The ping to IP uses the ICMP protocol to provide connectivity and probability information, sending only 5 echo messages by default.
The options for extending ping are: Source IP address, service type, data, Baotou option.
Response Character set for ping
Character Interpretation character interpretation
! Received an echo-reply message Q Source quench
. Timeout M Unable to fragment
u/h Destination Unreachable A administratively denied
N Network unreachable? Unknown Packet-type
P Protocol Unreachable
6. Traceroute command
The traceroute is used to display the package path to the destination. Can be used in user mode and privileged mode.
Traceroute's response:
Character Interpretation character interpretation
Xx msec the RTT for each packet * Timeout
H Host unreachable U Port Unreachable
N Network unreachable P Protocol Unreachable
A administratively denied Q Source quench
? Unknown Packet Type
Second, LAN connectivity issues
1. Obtain an IP address
The host can obtain an IP address dynamically or statically.
1) DHCP:DHCP has more address pools and leases than BOOTP.
2) BootP:
3) Helper Addresses: Specifies the IP address of the DHCP server to be placed centrally
Ip helperaddress ip-address;
No IP forward-protocol UDP 137;
4) DHCP service on the router: Configure the router as a DHCP server
5) DHCP and BOOTP fault handling
Show DHCP server;
Show DHCP lease;
2. ARP
ARP maps the 2nd-tier MAC address to the 3rd-tier address.
Show ARP; display the ARP table of the router
Debug ARP;
1) ARP proxy: The default ARP proxy for Cisco routers is enabled
In the following cases, the Cisco router responds to the ARP request with its own MAC address:
? The proxy ARP on the interface receiving the ARP is enabled;
? The address of the ARP request is not in the local subnet;
? The router's routing table contains the subnet of the ARP request address;
3. Example of TCP connection
Third, IP access list
1. Standard ACL: IP packet-based source IP address allowed or disabled
2, extended ACL: Provide source address, destination address, port number, Session layer protocol to filter.
3. Named ACL: it can be either a standard ACL or an extended ACL.
The difference between a named ACL and a numbered ACL: a named ACL has a logical name that can be removed from a single row in a named ACL.
Ip Access-list Extended Example-named-acl
Deny TCP any any EQ Echo
Deny TCP any any EQ 37
Permit UDP host 172.16.10.2 any EQ SNMP
Permit TCP any any
From for notes (Wiz)
5th Cisco Test commands and TCP/IP connection failure handling