Adjust the switch system to improve network operation efficiency

In case of a switch system failure, we should first check whether the system needs to be upgraded and download the latest version. If not, carefully check other aspects. A switch is a core network device in a LAN. Its working status directly determines the stability of the LAN network transmission performance. In order to make the LAN work more stably, we often need to properly adjust the switch equipment to ensure that the device can always run efficiently.

Regular upgrades keep vswitches alive

I have encountered a frequent network interruption fault, and each time I restart the switch system, the problem can be solved. After careful troubleshooting of traffic exceptions, network viruses, and other factors, ask the ISP carrier to test the Internet connection line. The result shows that the Internet connection line has no problems. Without a clue, I suddenly remembered that the switch has been working for many years and the software system version is relatively low, is it because the version is too low that the vswitch system is not dynamic? To verify that my guess is correct, I immediately log on to the vswitch background management interface as a system administrator and run the "displaycpu" command in the command line status, I found that the CPU usage of the switch system has been above 95%. It is no wonder that the workstation connected to the switch cannot access the Internet. Then, I executed the "displayversion" command in the command line status, on the result page, I found that the VRP platform software version of the switch system is relatively low. I will download the latest version of the platform software from the official website of the corresponding switch device, upgrade the vswitch system software.

Because the switch used by the organization supports remote management, the most common FTP mode is used for upgrading. Before the formal upgrade, I first checked the remaining space in the Flash memory of the target switch. If there is not much space available, I need to delete some outdated files, otherwise, the latest vswitch upgrade package cannot be uploaded to the vswitch system. After confirming that the remaining space of the Flash memory is sufficient, I regard my normal workstation as an FTP server and the switch device as a client system, in this way, I can easily set up an FTP server without any configuration on the switch device. At this time, I can log on to the FTP server from the switch, use the FTP command to download and save the latest VRP platform software on the local normal workstation to the Flash memory of the switch.

To prevent platform software upgrade failure, I backed up the original Switch configuration file. After all, when the switch device is upgraded from a lower version to a later version, some Switch configuration information may be lost. It is necessary to back up the old configuration file. Then, the author uses the boot command to specify that the switch system automatically calls the latest platform software at the next startup. After the switch system restarts successfully and the VRP platform software is updated, the switch system was reconfigured according to the previous configuration, and the switch's working status was immediately restored. After a long time, the author found that the CPU usage of the system was always around 15%, this indicates that after the vswitch platform software is upgraded to the latest version, the vswitch can remain dynamic. Therefore, when the LAN switch remains unstable, we should check the version of the corresponding platform software in time. Once the switch system version is found to be low, we must upgrade it in time, this can solve many hidden failures caused by the switch's own performance.

Cleverly view the status of the transparent Nic

In many cases, the failure of the workstation to access the Internet is caused by the change of the NIC device status. Currently, many media have solutions to NIC faults quickly, these methods provide us with ideas and methods for efficient network management. However, when solving Nic faults, we often need to go to the fault site to understand the working status of NIC equipment and determine the fault of NIC equipment. In fact, in many cases, we do not need to go to the fault site, you only need to observe the status of the switch port that is directly connected to the NIC device, and then the status information of the target Nic device can be transparent.

I have encountered a fault. The red "X" icon appears on the network connection icon in the system tray area of the workstation, at the beginning, I thought it was caused by unexpected disconnection of the NIC device, long network connection cable, wrong line sequence of the network cable, or poor jumper contact, so I tried to modify the online settings of the workstation system, change the network connection cable, and restart the workstation system. However, these operations did not solve the network failure.

Later, I remotely log on to the floor switch system connected to the target Nic device from my workstation system and switch the system to the superuser management status, execute the string command "displayintere0/2" (intere0/2 is the switch port connected to the target Nic device) at the command line prompt in this status ), the result page shows that the working status of the corresponding switch port is "err-disabled", and the result page shows that the corresponding port has a large value of Collisions, the value obviously exceeds the specified range. In the end, the switch system mistakenly considers that there is a network loop on the corresponding switching port, and forcibly sets the port's working status to "err-disabled ".

If a port of the vswitch is in the active state of "err-disabled", it is likely that the NIC device of the workstation is not properly installed, the working mode of the NIC device does not match the working mode of the corresponding port of the switch, or the usage of the network cable is not standard. For example, the transmission distance of the network cable exceeds the maximum communication distance, or an inappropriate cable type is selected. According to this analysis, the author first completely uninstalls the NIC Driver of the common workstation from the system, and re-installs the NIC driver according to the correct method, then I made a new network cable to connect the NIC device and the switch. However, this effort still cannot solve the problem. Is it because the NIC device does not match the port working mode of the switch, the switch port connected to the NIC is changed to "err-disabled "? To verify my guesses, I immediately click the "Start", "set", and "network connection" commands in the system of the common workstation. In the displayed network connection List window of the corresponding system, right-click the target local connection icon and execute the "properties" command from the shortcut menu to open the attribute setting window for the local connection. Click the "General" tab in the setting window, on the tag settings page, select the target Nic device.

At the same time, click the "Configure" button to open the Property setting interface of the target Nic device, and then click the "advanced" tab, on the label settings page that appears later, I can see that the target Nic device is in the M half duplex status, but when I check the switch port status that is connected to the target Nic device, I can see that the working status of the corresponding switch port is m full duplex. This shows that the reason for the increasing number of Collisions conflicts is that the duplex mode of the NIC device and the Switch Connection port is not consistent, in this way, the workstation cannot access the Internet. After finding the cause of the fault, I immediately changed the working mode of the NIC device to m in the normal workstation system, and then restarted the workstation system, at this time, I found that the normal workstation can access the Internet immediately.

From the troubleshooting process above, we cannot rashly use the method of replacing the NIC device to solve the fault if the NIC device is abnormal in the future, although this can improve the efficiency of solving network faults, it cannot take full advantage of the residual heat of the NIC equipment, let alone solve the fault caused by the mismatch of the NIC equipment due to the duplex mode. Instead, we should be good at starting from the connection port of the switch, and carefully check the status of the NIC device and the switch port status it is connected, from these status information, we are able to find effective solutions to network faults.

Clever Monitoring allows switches to discover Loops

In a LAN with a slightly larger network size or when the LAN uses a backup cable, the network administrator may easily cause a network loop fault in the LAN, network virus attacks, abnormal network traffic conflicts, and other factors may also cause network loops in the LAN. Once a network loop occurs, the transmission speed on the internet is slow. In severe cases, the network is paralyzed, this can effectively prevent network transmission channels from being severely congested and the access speed is extremely slow. However, there are many reasons for the network loop phenomenon. If you simply use a manual method to determine whether there is a network loop phenomenon in the LAN, it is obviously troublesome, and it is not conducive to improving network management efficiency. In fact, we can use the loop test function provided by the switch system to quickly and intelligently determine the location of the network in which a loop fault occurs. After finding a specific fault location, then we can quickly take targeted measures to quickly solve network loop faults.

Currently, almost all vswitches in the LAN have the loop test function. We only need to enable the loop test function of a port of the vswitch, this function automatically detects the network loops of all virtual working subnets through the port. Once the network loops of the corresponding port are detected, the detection results can be automatically saved to the switch log file. The network administrator can quickly determine whether a loop fault has occurred in the LAN as long as the corresponding log file is regularly checked, you can also find out the location where the fault occurred. To prevent network loop faults from impacting the stable operation of the LAN, we can also enable the network loop control function of the switching port. If this function is enabled at the same time, as soon as the switch system finds that a network loop fault exists on the specified switching port, the switch port is automatically disabled immediately, in order to prevent the network loop phenomenon from a strong impact on the entire LAN.