How to achieve efficient management of LAN switches

LAN switches have become the core devices in the network. How to achieve efficient management is a matter of consideration for network management. The working status of LAN switches directly determines the stable transmission performance of LAN networks. In order to make the LAN work more stably, we often need to properly adjust the switch equipment to ensure that the device can always run efficiently.

No, this article is now contributing to your friends a few private keys for LAN switches. I hope these private keys can help you improve network management efficiency! I have encountered a frequent network interruption fault, and each time I restart the switch system, the problem can be solved. After careful troubleshooting of traffic exceptions, network viruses, and other factors, ask the ISP carrier to test the Internet connection line. The result shows that the Internet connection line has no problems. Without a clue, I suddenly remembered that the LAN switch has been working for many years, and the software system version is relatively low, is it because the version is too low that the vswitch system is not dynamic?

To verify that my guess is correct, I immediately logged on to the vswitch background management interface as a system administrator and executed the "display cpu" command in the command line status of the interface, I found that the CPU usage of the switch system has been above 95%. It is no wonder that the workstation connected to the LAN switch cannot access the Internet. Then, I executed the "display version" command in the command line status, on the result page, I found that the VRP platform software version of the switch system is relatively low. I will download the latest version of the platform software from the official website of the corresponding switch device, upgrade the vswitch system software.

Because the switch used by the organization supports remote management, the most common FTP mode is used for upgrading. Before the formal upgrade, I first checked the remaining space in the Flash memory of the target switch. If there is not much space available, I need to delete some outdated files, otherwise, the latest switch upgrade package cannot be uploaded to the LAN switch system. After confirming that the remaining space of the Flash memory is sufficient, I regard my ordinary workstation as an FTP server and the LAN switch device as a client system, in this way, I can easily set up an FTP server without configuring Any LAN switch device. Now I can log on to the FTP server from the switch, use the FTP command to download and save the latest VRP platform software on the local normal workstation to the Flash memory of the switch. To prevent platform software upgrade failure, I backed up the original Switch configuration file. After all, when the switch device is upgraded from a lower version to a later version, some Switch configuration information may be lost. It is necessary to back up the old configuration file.

Then, the author uses the boot command to specify that the switch system automatically calls the latest platform software at the next startup. After the switch system restarts successfully and the VRP platform software is updated, the switch system was reconfigured according to the previous configuration, and the switch's working status was immediately restored. After a long time, the author found that the CPU usage of the system was always around 15%, this indicates that after the vswitch platform software is upgraded to the latest version, the vswitch can remain dynamic. Therefore, when the LAN switch remains unstable, we should check the version of the corresponding platform software in time. Once the switch system version is found to be low, we must upgrade it in time, this can solve many hidden failures caused by the switch's own performance.

Cleverly view the NIC status information

In many cases, the failure of the workstation to access the Internet is caused by the change of the NIC device status. Currently, many media have solutions to NIC faults quickly, these methods provide us with ideas and methods for efficient network management. However, when solving Nic faults, we often need to go to the fault site to understand the working status of NIC equipment and determine the fault of NIC equipment. In fact, in many cases, we do not need to go to the fault site, you only need to observe the status of the switch port that is directly connected to the NIC device, and then the status information of the target Nic device can be transparent.

I have encountered a fault. The red "X" icon appears on the network connection icon in the system tray area of the workstation, at the beginning, I thought it was caused by unexpected disconnection of the NIC device, long network connection cable, wrong line sequence of the network cable, or poor jumper contact, so I tried to modify the online settings of the workstation system, change the network connection cable, and restart the workstation system. However, these operations did not solve the network failure.

Later, I remotely log on to the floor switch system connected to the target Nic device from my workstation system and switch the system to the superuser management status, execute the string command "display inter e0/2" at the command line prompt in this status (inter e0/2 is the switch port connected to the target Nic device ), the result page shows that the working status of the corresponding switch port is "err-disabled", and the result page shows that the corresponding port has a large value of Collisions, the value obviously exceeds the specified range. In the end, the switch system mistakenly considers that there is a network loop on the corresponding switching port, and forcibly sets the port's working status to "err-disabled ".

If a port of the vswitch is in the active state of "err-disabled", it is likely that the NIC device of the workstation is not properly installed, the working mode of the NIC device does not match the working mode of the corresponding port of the switch, or the usage of the network cable is not standard. For example, the transmission distance of the network cable exceeds the maximum communication distance, or an inappropriate cable type is selected. According to this analysis, the author first completely uninstalls the NIC Driver of the common workstation from the system, and re-installs the NIC driver according to the correct method, then, a compliant network cable was created to connect the NIC device and the switch.

However, this effort still cannot solve the problem. Is it because the NIC device does not match the port working mode of the LAN switch, the switch port connected to the NIC is changed to "err-disabled "? To verify my guesses, I immediately click the "Start", "set", and "network connection" commands in the system of the common workstation. In the displayed network connection List window of the corresponding system, right-click the target local connection icon and execute the "properties" command from the shortcut menu to open the attribute setting window for the local connection. Click the "General" tab in the setting window, on the tag settings page, select the target Nic device and click "Configure" to go to the properties settings page of the target Nic device. Click the "advanced" tab, on the label settings page that appears later, I can see that the target Nic device is in the M half duplex status, but when I check the switch port status that is connected to the target Nic device, I can see that the working status of the corresponding switching port is m full duplex, this indicates that the number of Collisions conflicts increases because the duplex mode of the NIC device and the LAN Switch Connection port is not consistent, so that the workstation cannot access the Internet. After finding the cause of the fault, I immediately changed the working mode of the NIC device to m in the normal workstation system, and then restarted the workstation system, at this time, I found that the normal workstation can access the Internet immediately.

From the troubleshooting process above, we cannot rashly use the method of replacing the NIC device to solve the fault if the NIC device is abnormal in the future, although this can improve the efficiency of solving network faults, it cannot take full advantage of the residual heat of the NIC equipment, let alone solve the fault caused by the mismatch of the NIC equipment due to the duplex mode. Instead, we should be good at starting from the connection port of the LAN switch, carefully checking the NIC device status and the switch port status it is connected, from these status information, we are able to find effective solutions to network faults.

Smart Monitoring allows switches to discover Loops

In a LAN with a slightly larger network size or when the LAN uses a backup cable, the network administrator may easily cause a network loop fault in the LAN, network virus attacks, abnormal network traffic conflicts, and other factors may also cause network loops in the LAN. Once a network loop occurs, the transmission speed on the internet is slow. In severe cases, the network is paralyzed, this can effectively prevent network transmission channels from being severely congested and the access speed is extremely slow. However, there are many reasons for the network loop phenomenon. If you simply use a manual method to determine whether there is a network loop phenomenon in the LAN, it is obviously troublesome, and it is not conducive to improving network management efficiency. In fact, we can use the loop test function provided by the LAN switch system to quickly and intelligently identify the location of the network in which a loop fault occurs. After finding a specific fault location, then we can quickly take targeted measures to quickly solve network loop faults.

Currently, almost all vswitches in the LAN have the loop test function. We only need to enable the loop test function of a port of the vswitch, this function automatically detects the network loops of all virtual working subnets through the port. Once the network loops of the corresponding port are detected, the detection results can be automatically saved to the log file of the LAN switch. As long as the network administrator regularly checks the corresponding log file, it can quickly determine whether a loop fault has occurred in the LAN, you can also find out the location where the fault occurred. To prevent network loop faults from impacting the stable operation of the LAN, we can also enable the network loop control function of the switching port. If this function is enabled at the same time, as soon as the switch system finds that a network loop fault exists on the specified switching port, the switch port is automatically disabled immediately, in order to prevent the network loop phenomenon from a strong impact on the entire LAN.