Common troubleshooting methods

I. Static Routing faults

1. Static Routing and category search

When the routing selection table process checks a DNS static route that uses an intermediate address (the routing table is used as the IP address referenced by the next hop), this check is always completed in the category mode, whether or not the ip classless command is used, if the intermediate address in the category mode cannot be resolved in the route selection table, the static route is deleted.

Use show ip route to view the route selection table.

Debug can be used to show that a network is down.

If you use the classless method and a default route exists, a high management distance backup statement routing will never go into the routing table when the master static route fails. This is because any static route, even a static route pointing to a nonexistent intermediate address, will use the default route for resolution.

The CISCO Route Selection table process calls a static routing function of the Check Route Selection table every 60 s to install or delete a static route according to the dynamically changing route selection table.

2. Static Routing and intermediate address

Static Routing can be created using an intermediate network address or an outbound interface. In most cases, it is more effective to use the outbound interface to parse static routes in the route selection table process.

As long as the intermediate IP address can be resolved in the routing selection table, it does not need to be a real next hop router interface. A static network route (such as an intermediate address) must be eventually resolved to a route entry with an outbound interface in the routing selection table.

When a route table process needs to use a static route table entry for the x. x. x.0/24 network, it also needs to parse the intermediate address y. y, which is called recursive search. An additional route query may not affect the performance of the route selection process. However, using multiple recursive searches to obtain the parsed static route may affect the performance.

3. Static route optimization

To avoid recursive search: Serial Network: use an out-of-band Interface

Ethernet network: both the intermediate address and the outbound interface are used.

4. Install and delete static routes repeatedly

Use the outbound interface instead of the intermediate address as much as possible to configure Static Routing.

5. Use discarded routes

Sometimes a loop occurs in the network. You can view the result of the Route Selection loop through the counter on the router interface periodically.

Clear counters serial0/0

Show interface serial0/0

The routing loop problem creates a black hole in the network. Once the TTL in the IP header is reduced to 0, the group is discarded.

Solution 1: no ip classless routing -- use no ip classless on the user's network router. when at least one known subnet exists, the router does not use any supernetwork or default route. But not the first choice. Because it changes the query behavior of the Route Selection table of all groups.

Solution 2: Use a discarded route. When no specific match exists in the route selection table and an over-network or default route is used to forward those groups, A discarded route sends the group to null0, that is, the bit bucket.

Ip route x. x.0.0 255.255.0.0 null0

Ip route x. x.0.0 255.255.0.0 null0 200

The next command line is used to configure another discarded route that is used only when the master route fails. You can change the default Management Distance of a static route to a value higher than the Management Distance of the Dynamic Route Selection protocol used.

Ii. RIP troubleshooting

1. Incompatible version types

Debug ip rip

Show ip protocols is very useful for the RIP group versions sent and received on the check interface.

If R1 does not support V2 versions, it can only receive r1_1 groups. r1_1 and r1_2.

A specific version of the RIP group can be specified at the interface level.

Interface e0

Ip rip send version 1 2

Ip rip receive version 1 2

2. mismatched authentication keys

One option of r00002 is the r00002 update that can be authenticated. To enhance security, you must configure a password for both parties when using authentication. This password is called an authentication key. If this key does not match the key of the other party, both parties will ignore r12002 updates.

Configure ip rip authentication key-chain cisco on the Interface

Debug with the debug ip rip.

3. the limit on the number of RIP entries is reached.

The maximum value of the RIP metric is 15 hops.

This problem cannot be overcome. You can use a route selection protocol that is not limited to 15 hops. The maximum number of IGRP hops is 255, and the maximum number of OSPF hops is 224. The default value is 100.

4. Discontinuous Networks

When the primary network is separated by another primary network, it is called a discontinuous network.

Solution 1: Use Static Routing

Solution 2: Change the link address between routers to a part of the left-side discontinuous network.

Solution 3: Use the no auto-summary configuration on the two routers to enable the classless routing version of r1_2.

Router rip

Version 2

Network x. x. x.0

No auto-summary

Solution 4: Use the classless routing protocol. For example, OSPF, OSPF, and IS-IS replace the r1_1 route selection protocol.

5. Invalid Source Address

When RIP tells the route selection table to install the route, it checks the source validity. If the source subnet is different from the local interface, RIP ignores the update and does not install the route from this source in the route selection table.

This check must be closed when one party has a serial number and the other party has no serial number.

Router rip

No validate-update-source

6. flapping Routing

A route flip refers to the continuous deletion and re-insertion of a route in the route selection table. To check whether the route is truly flipped, check the route selection table and view the route life (age ). If the lifetime is constantly reset to 00:00:00, this means that the route is switching.

If RIP does not receive a route for 240 S, the route will remain S and be cleared.

Use show interface to check the interface statistical value.

Group loss is the most common case for Frame Relay.

You can use show ip route rip to check how long the RIP has not been updated.

Use show interface serial 0 to check whether a large number of broadcast groups on the interface are discarded. In the case of Frame Relay, you may need to adjust the Frame Relay broadcast queue. In a non-Frame Relay environment, you may need to add input or output retention queues.

7. Large route selection table

Use ip summary-address to summarize the route.

Iii. troubleshooting of the MongoDB instance

1. Unmatched K value

In order to establish its neighbor relationship, the K-constant values used to calculate the OSPF metric must be the same.

K1-bandwidth K2-load K3-delay K4, K5-Reliability

Router VPN 1

Network x. x

Metric weights 0 1 1 1 1 0

2. Unmatched AS numbers

Vrouters with different Autonomous System numbers do not have any neighbor relationship.

3. Activity stickiness

(1) determine the problem

Possible causes include:

. Bad or congested links;

. Low vro resources, such as low memory and high CPU processing on the vro.

. Long query range

. Excessive Redundancy

The default active timer is only 180 S.

Use the show ip VPN topology active command to help you troubleshoot the problem caused by an active message sticking error. This command is only useful when the problem occurs and can be determined by the user only within s at a time. The neighbor has an r following it, indicating that it does not respond to the query.

(2) troubleshooting methods

Trace the query and find the status of the active route at each hop.

(3) Final Solution

Try to manually summarize the routes and have a hierarchical network design. The more networks that are summarized by the network, the less things that need to be done when the primary convergence occurs.

4. Duplicate route ID

The concept of vroid ID is used only for external routing to prevent loops. Select the router ID based on the maximum IP address of the loopback interface on the router. If the router does not have a loopback interface, select the maximum active IP address of all interfaces as the router ID of the router.

You can see that a network is advertised on the interface in the debug ip network.

Rule of thumb: Never configure the same IP address in two locations of the network.

Iv. OSPF troubleshooting

1. Unmatched Parameters

Use the debug ip ospf command to view most of the mismatch issues.

(1) The hello/dead interval does not match-matching can form a neighbor.

(2) mismatched authentication type-MD5 and plain text authentication under OSPF.

Router ospf 1

Area 0 authentication message-digest

Network x. x.0.0 0.0.255.255 area 0

(3) mismatched Region ID-region information is sent in the HELLO group of OSPF. Different.

(4) unmatched short cut/transfer/NSSA region options-When OSPF exchanges a HELLO group with a neighbor, one of the items it exchanges is optional represented by 8 bits. One of the Option fields is the E-bit, that is, the OSPF short cut mark. When the E-bit is set to 0, the region associated with the route is a short area, and the external LSA is not allowed to enter this area.

2. OSPF status problems

A router that becomes a neighbor does not guarantee that the status of the switching link is updated. Once the router decides to establish an adjacent relationship with a neighbor, it begins to exchange a complete copy of its link status database.

(1) OSPF falls into ATTEMPT, which is only valid for the NBMA network of the neighbor statement. A Router tries to contact a neighbor by sending its HELLO message, but it does not receive a response.

Show ip ospf neighbor.

Cause: the connectivity of unicast on NBMA is disconnected due to incorrect configuration of neighbor, which may be caused by incorrect DLCI, access list, or translation of unicast NAT.

(2) ospf in the INIT--INIT State indicates that the router receives the HELLO group from the neighbor, but the two-way communication is not established.

Cause:

. The access list of one party blocks HELLO;

. The multicast capability of one party fails (a switch failure );

. Authentication is enabled only on one party;

. The broadcast keyword is missing in the frame-relay map/dialer map statement of one party.

. The HELLO of one party is lost at Layer 2nd.

(3) OSPF falls into 2-WAY -- bidirectional State means that the router sees its router ID in the neighbor field of the hello group. if the priority of all vrouters is 0, no election will occur and all vrouters stay in the bidirectional state.

Solution: make sure that at least one router has at least one ip ospf priority.

(4) OSPF falls into EXSTART/EXCHANGE -- OSPF neighbors in the EXSTART or EXCHANGE status are in the process of attempting to switch the DBD (Database description) group.

Cause:

. Unmatched interface MTU

. Duplicate router ID on the neighbor

. You cannot PING the specified MTU.

. The disconnection of unicast connectivity may be caused by incorrect DLCI, access list, or translation of unicast NAT

(5) OSPF enters the LOADING state. If the neighbor does not respond or the neighbor's response never reaches the local router, the router also enters the LOADING state. Often "% OSPF-4-BADLSA" console information.

Cause:

. Unmatched MTU

. Incorrect link status request Group

3. The end of the point-to-point link is Unnumbered.

Interface s0

Ip unnumbered loopback0

Solution: both parties need to become a numbered point-to-point link or a non-numbered point-to-point link.

4. The ABR does not generate a summary LSA of type 4.

A feature of type 4 Summary LSA is to declare the ASBR accessibility to other regions. If ASBR exists in the same region, LSA of type 4 is not required.

The output of the show ip ospf database external command shows whether a route exists in the external OSPF database of the router.

The output of the show ip ospf database asbr-summary command shows whether the route has LSA of type 4.

Check whether R is indeed an ABR. If yes, a summary of Type 3 or type 4 is generated. LSA. show ip ospf

5. the forwarding address cannot be obtained through a route in or between regions.

When OSPF obtains an external LSA, before it loads the route into the routing selection table, it must determine that the forwarding address can be obtained through an OSPF region or an Inter-region route. If the forwarding address cannot be obtained through a route in or between regions, OSPF will not load the route into the routing selection table.

Possible solutions:

. Not Summarize on the ABR

. Filter the ASBR and then distribute it to the direct subnet in OSPF.

Router ospf 1

Redistribute rip subnets

6. Route Summary

Two types of summary:

. Summary of routes that can be executed between zones on the ABR

. Summary of external routes that can be executed on the ASBR

(1) Summary between regions

Router ospf 1

Area 3 range x. x. x.0 255.255.255.0

Use show ip ospf to view

(2) External Summary

Router ospf 1

Summary-address x.0.0.0 255.0.0.0

7. CPUHOG Problems

Generated in :. Neighbor Formation Process

. LSA refresh Process

8. SPF computing and route flip

As long as the topology changes, OSPF runs the SPF algorithm to calculate the Shortest Path priority tree again ., The link may be unstable.

Cause:

. Interface flip in the region

. The neighbor interface in the region changes

. Duplicate vro ID

Use the show ip ospf command to view the number of times the SPF algorithm runs in a given region;

Use the debug ip ospf monitor to isolate a flip LSA;

Use the show log command to display the interfaces.

Solution:

. Fix the rolling Link

. Redefinition of REGION BOUNDARIES

5. troubleshooting IS-IS faults

1. IS-IS neighbor Problem

It is usually caused by link faults and configuration errors.

Show clns neighbors displays all neighbors that want to be adjacent to the investigated router.

Debug isis command to debug

2. Some or all adjacent groups are not formed

Step 1: Check for Link faults. Show ip interface brief

Step 2 -- check for configuration errors. Show run

Step 3 -- check for unmatched level 1 and level 2 interfaces.

Step 4 -- check the incorrect configuration of the region.

Step 5 -- check the incorrectly configured Subnet

Step 6 -- check duplicate system IDS

3. The neighbor is in the INIT state.

Common Causes: mismatched interface MTU and authentication parameters. Show clns neighbors

Step 1 -- check for authentication debug isis

Step 2 -- check for mismatched MTU debug isis

Step 3 -- check whether the IS-is hello filling IS disabled (the command IS the same as above)

Use show clns interface to view the HELLO filling status on the interface

4. The formation of ES-IS neighbor replaces IS-IS neighbor

The CISCO router that runs IS-IS in an IP environment still listens to the ISH produced by the ES-IS protocol. when the physical layer and the data link layer work, even if there IS no established IS-IS adjacent to the appropriate conditions, can still form a ES-IS adjacent.

Show clns neighbors

5. Route notification Problems

Most route notification problems can be restricted to source configuration problems or link status group (LSP) Propagation Problems.

The Dijkstra algorithm runs on the LS database to obtain the optimal path for each advertised route.

Debug isis update-packets

Debug isis snp-packets

The above two debugging methods help to troubleshoot LSP flooding problems and link status database synchronization.

There may be many potential causes of the problem that the route does not reach the remote network, including the problem of the adjacent network, layer 1/2, IS-IS error configuration, and other problems.

6. Route flip Problems

The high CPU usage (show process cpu command) of the spf process in the network should also be marked as unstable.

Unstable link.

Flip may also be caused by an LSP error storm or a route selection loop.

The show isis spf-log command shows which LSP is most frequently changed and which LSP is used for SPF calculation.

Show isis update-packets

6. BGP troubleshooting

1. troubleshoot BGP neighbor relationship issues

Follow: First, check layer 1/2, then IP connectivity (layer 3rd), TCP connection (layer 4th), and finally BGP configuration.

(1) Direct external BGP neighbors are not initialized

The Autonomous System (AS) will not send to or receive any IP address prefix updates from AS, unless the neighbor relationship reaches the state of established, which is the last phase of BGP neighbor establishment. When AS has a single EBGP connection, IP connectivity is established until BGP completes its sending and receiving IP address prefix operation.

.

Cause:

. The 2nd layer goes down, blocking direct communication with the EBGP neighbor

. Incorrect neighbor IP address in BGP Configuration

Command: show ip bgp summary and show ip bgp neighbors check BGP neighbor relationship

The active State indicates that no successful communication has occurred between neighbors, and the neighbors are not formed. Use PING to test the connectivity. If the connection fails, the layer 1/2 issue needs to be fixed.

Debug ip bgp can help diagnose problems

(2) non-direct external BGP neighbors are not initialized

In some cases, EBGP neighbors are not directly connected. The BGP neighbor relationship can be established between routers that try to form an EBGP Neighbor Relationship separated by one or more routers. This kind of neighbor is called EBGP multi-hop in IOS.

When there are multiple interfaces between routers and IP traffic load balancing between those interfaces, an EBGP peer entity is usually established between interfaces in the loop.

Possible causes:

. A route entry to a non-directly connected peer-to-peer physical address is lost from the route selection table.

. The ebgp-multihop command is missing in the BGP configuration.

. The update-source interface command is missing.

Command: show ip bgp summary and show bgp neighbors

Router bgp 109

Neighbor x. x remote-as 110

Neighbor x. x ebgp-multihop 2

Neighbor x. x update-source loopback0

(3) Internal BGP neighbors are not initialized

Cause:

. The route to the non-direct IBGP neighbor is lost.

. The update-source interface command is missing in BGP Configuration

(4) BGP neighbors (external and internal) are not initialized

Interface access list/filtering is a common cause of BGP neighbor activity problems.

2. BGP routing announcement for troubleshooting

Occurs in the generation and receipt of BGP Route announcements.

(1) No BGP Route is generated

Cause:

. No matching route exists in the IP Route Selection table.

. Configuration error occurred

. BGP is automatically summarized to a classification/Network Boundary

(2) spread to IBGP/EBGP neighbor/generate a BGP Route

The configured distribution list filtering may be the cause of the problem, or there is a problem with the policy route selection.

(3) The problem of spreading a BGP Route to an EBGP neighbor but not to an IBGP neighbor

Show run

Show ip bgp

Show ip bgp summary

Solution:

. Use IBGP for full interconnection

. Design a router reflector model.

Router bgp 109

Neighbor x. x route-reflector-client

. Design a smart Model

(4) spread an IBGP route to the IBGP/EBGP neighbor

A bgp Route is synchronized only after it is obtained through IGP or static routing.

The show ip bgp command output shows the Non-synchronous routes in the BGP table.

3. Eliminate the fault that the route is not loaded into the IP Route Selection table.

Cause:

(1) IBGP reasons

. The IBGP route is not synchronized.

. BGP next hop inaccessible

(2) EBGP reasons

. BGP next hop is not reachable in case of multi-hop EBGP

. BGP Route Suppression

. The multi-exit authenticator (MED) value is infinite.

4. BGP next hop inaccessible

Solution:

. Use Static Routing or redistribution to advertise the next hop of EBGP through IGP

Router ospf 1

Network x. x. x.0 0.0.255 area 0

. Use the next-hop-self command to change the next hop to an internal peer object address.

Router bgp 109

Router ospf x. x next-hop-self

4. BGP routes are blocked

Dampening is a method to reduce instability caused by unstable BGP routes from EBGP peers in the local BGP network.

Suppression is a method of assigning a penalty point for a flip BGP Route.

Router bgp 109

Bgp dampening

Article entry: csh responsible editor: csh