Chapter 4 troubleshooting of Cisco test commands and TCP/IP connections

I. troubleshooting commands

1. show command:
1) Global commands:
Show version; displays the system hardware and software versions, DRAM, flash
Show startup-config; displays the configuration content written into NVRAM
Show running-config; displays the currently running configuration content
Show buffers; Detailed output buffer name and size
Show stacks; provides the router process and processor utilization information, using Stack decode
Show tech-support; displays the output of several show commands
Show access-lists; view access list Configuration
Show memory; used to test memory problems
2) interface-related commands
Show queueing [fair | priority | custom]
Show queue E0/1; view the queue settings and operations on the Interface
Show interface E0/1; the default Ethernet Encapsulation Method for Cisco is ARPA.
Show IP interface E0/1; display the TCP/IP configuration of the specified Interface
3) process-related commands
Show processes CPU; displays the CPU usage of the router and the current process
Show processes memory; displays the memory usage of the current vro Process
4) TCP/IP protocol commands
Show IP Access-list; display IP access list (1-199)
Show ip arp; displays the ARP cache (IP, Mac, encapsulation type, and interface) of the router)
Show IP protocols; displays information about the IP routing protocol running on the router
Show IP route; displays information in the IP route table
Show IP traffic; displays IP traffic statistics

2. DEBUG command
Debug should not run on a vro whose CPU usage exceeds 50%.
1) Restrict debug output
After obtaining the required data using debug, Disable debug.
Configure timestamp for all messages on the vro:
Router # service timestamps debug datetime msec localtime
Router # service timestamp log datetime msec localtime
By default, the error and debug messages are sent only to the console, and the debug and log messages are not displayed on the vrotelnet through Telnet. To view the debug and log information in telnet:
Router # Terminal Monitor
Router # Terminal Monitor; Disable information output
Router # undebug all; disable the debug process and output of all relevant information
You can apply the ACL to debug to limit that only the required debug information is output.
For example, to view only ICMP packets from 10.0.1.1 to 10.1.1.1:
Router (config) # access-list 101 permit ICMP Host 10.0.1.1 host 10.1.1.1
Router # debug IP packet detail 101
2) Global DEBUG command:
3) debug
4) protocol debug
5) IP debug
Debug IP Packets

3. Logging command
Output Error and other information to the console, terminal, buffer in the router, or a syslog server:
Router> show Logging
Cisco routers have eight possible logging levels: 0-7
Logging-level Name Description
1. Information unavailable to the emergencies System
2 alerts direct action
3. Critical emergency
4. Errors error message
5. Warnings warning information
6. Normal but important circumstances of communications
7. Informational Information
8 debugging
By default, logging of the console, monitor, and buffer is set to the debugging level, while logging of the trap (syslog) server is set to informational.
4. Route core Replication
Core Dump contains an exact copy of information in the current system memory. The following methods are used to capture information contained in the memory:
1) configure the vro to execute core dump during crash and store it to the TFTP, FTP, and rcp servers:
For the TFTP protocol, you only need to specify the IP address of the TFTP server without any additional Configuration:
Router (config) # exception dump 192.168.1.1; IP address of the TFTP Server
Configure the FTP protocol:
Router (config) # exception dump 192.168.1.1; IP address of the FTP server
Router (config) # ip ftp Username Kevin
Router (config) # ip ftp password Aloha
Router (config) # ip ftp source-interface E0
Router (config) # exception protocol FTP
Configuration of the RCP protocol:
Router (config) # exception protocol RCP
Router (config) # exception dump 192.168.1.1; IP address of the RCP Server
Router (config) # ip rcmd remote-username Kevin
Router (config) # ip rcmd rcp-enable
Router (config) # ip rcmd rsh-enable
Router (config) # ip rcmd remote-host Kevin 192.168.1.1 Kevin;
2) execute the core dump command without a system crash.
Router # Write Core
Core dump is only useful when Cisco Engineers test and solve router problems.

5. Ping Command
Ping is used to test the network accessibility and connectivity. It can be used in EXEC mode and Privileged EXEC mode.
IP Ping uses the ICMP protocol to provide connectivity and likelihood information. By default, only five echo messages are sent.
The Ping extension options include: source IP address, service type, data, and Baotou.
Ping Response Character Set
Character Interpretation
! Received an echo-reply message Q Source Quench
. Timeout M unable to fragment
U/h Destination Unreachable A administratively denied
N Network unreachable? Unknown packet-type
P protocol unreachable
6. traceroute command
Traceroute is used to display the package path to the target. It can be used in user mode and privileged mode.
Traceroute response:
Character Interpretation
XX msec the RTT for each packet * timeout
H Host Unreachable U port unreachable
N Network unreachable P protocol unreachable
A administratively denied Q Source Quench
? Unknown packet type
Ii. LAN connection problems
1. Obtain the IP address
The host can obtain the IP address dynamically or statically.
1) DHCP: DHCP has more address pools and lease periods than BOOTP.
2) BOOTP:
3) helper addresses: IP address of the DHCP server in the Set
IP helperaddress IP-address;
No IP forward-Protocol UDP 137;
4) DHCP service on the vro: configure the vrodhcp as a DHCP server.
5) DHCP and BOOTP troubleshooting
Show DHCP server;
Show DHCP lease;
2. ARP
ARP maps layer-4 MAC addresses to layer-3 addresses.
Show ARP; displays the ARP table of the router.
Debug ARP;
1) ARP Proxy: The ARP proxy of the Cisco router is enabled by default.
In the following cases, the Cisco router uses its MAC address to respond to ARP requests:
? The proxy ARP on the interface that receives ARP is enabled;
? The address of the ARP request is not in the local subnet;
? The router routing table contains the subnet of the ARP request address;
3. TCP connection example

Iii. IP address access list
1. Standard ACL: Allow or Disable IP addresses based on IP Packets
2. Extended ACL: Provides source address, target address, port number, and Session Layer Protocol for filtering.
3. Named ACL: it can be a standard ACL or an extended ACL.
The difference between the named ACL and the numbered ACL: The named ACL has a logical name, which can delete a single row in the named ACL.
IP Access-list extended example-named-ACL
Deny tcp any eq echo
Deny tcp any eq 37
Permit UDP host 172.16.10.2 any EQ SNMP
Permit tcp any # Network Technology