Tips for remote management of enterprise switches

Source: Internet
Author: User

Enterprise switches are still in common use, so I have studied some tips for managing them remotely and share them here in the hope that they will be useful. Switches are familiar to every enterprise, and more and more enterprises treat the switch as one of their core devices: its performance directly determines the network's data transmission performance.

However, after a long period of operation an enterprise switch will inevitably develop one fault or another. To resolve faults promptly, network administrators often manage the switch remotely, but sometimes the switch cannot be reached for remote management at all. What should we do about this fault? The following sections give some useful methods.

Check line connection status

If the physical connection between the client system and the target switch is not working, we cannot log on to the switch's management system over the network to manage it remotely. Therefore, when an enterprise switch cannot be managed remotely, first use the ping command to test the physical connection. Before testing, pick an ordinary client system in the same subnet as the target switch, then run ping to check whether the switch's IP address responds normally. If it does not, the physical connection may be faulty. Try the ping test again from another client system; if the IP address of the target switch still cannot be pinged, the problem may lie in the switch itself. For example, an abnormal switch port or unstable switch hardware can cause ping to fail.

If we can ping the switch's IP address from a normal client system but still cannot manage the switch remotely, the cause is most likely a soft fault on the switch: for example, the switch's management system is running an old version, or the switch system has been infiltrated by a network virus.

Check port working status

Sometimes, when a switch port is continuously hit by heavy traffic, the CPU of the board that carries the port can be heavily consumed. In severe cases, all switch ports on that board may hang. Pinging the switch's IP address through these hung ports will naturally fail, and remote login will not succeed either.

To determine whether the switch ports are working normally, connect a console cable directly to the console port of the enterprise switch, log on to the switch's management interface as a system administrator, and run the "display cpu" command at the command line to view the CPU usage of each board. If the CPU usage of a board exceeds 50%, a switch port on that board may be under continuous heavy traffic.

To find the faulty port, plug the network cable into each switch port of the faulty board in turn and, in the view of the corresponding switch port, ping the LAN gateway address. Once a switch port is found that cannot reach the gateway address, run the "display xxx" command in that port's view, where "xxx" is the specified switch port. The output shows the volume of input packets, output packets and broadcast packets on the port. If input and output traffic both exceed 1000 Mb/s at the same time, the traffic on that port is abnormal. To keep the port from affecting the whole switch, temporarily disable the faulty port with the switch's "shutdown" command. Then investigate the subnet behind the faulty port to find the real culprit that is exhausting the board's CPU and restore the port to normal operation. After that, the target enterprise switch can again be managed remotely over the network.

Check virus attack status

ARP viruses are very common now. When a LAN is hit by such a virus, the network connection icon on client systems may frequently turn red, users frequently lose their Internet connection, and browsers frequently report errors when opening web pages. This type of virus forges IP and MAC addresses to carry out ARP spoofing, which generates a large amount of ARP traffic in the local network and eventually blocks the network transmission channel. Obviously, when an ARP virus is present in the local LAN, we may be unable to log on to the target switch's management system over the network, so remote management fails as well. How can we tell that a remote management failure is caused by an ARP attack? It is actually simple: scan each switch port and save the scan results automatically to a text file, then open the file and check for address conflict prompts. If such a prompt appears, there is an ARP virus in the LAN. Finding and disabling the source of the ARP virus then stops it from attacking the local network. The specific steps are as follows:

First, use a console cable to connect a client computer such as a laptop directly to the target enterprise switch. Once the physical connection is correct, click Start > Programs > Accessories > Communications > HyperTerminal on the client desktop and create a new terminal connection to the target switch. Log on to the switch's management system through the new connection, click the "Transfer" > "Capture Text" command in the HyperTerminal window, and specify a text file in which to save the scan results;

Then, run the "dis dia" command at the command line of the switch management system to scan the switch ports thoroughly. The results are captured automatically and saved to the text file set earlier;

Open the text file and check for any address conflict prompt. If one is found, there is an ARP virus in the LAN. To find the source of the ARP virus, run the "dis mac" command at the command line of the enterprise switch and, from the output, find the switch port that corresponds to the conflicting MAC address and the IP address of the sub-switch;

Log on to the target sub-switch as a system administrator, switch to global configuration mode, and enter the configuration view of the target switch port. There, run the "shutdown" command to temporarily disable the port so that the ARP virus can no longer affect the whole LAN through it;

Finally, check the network management records to find the client computer connected to the faulty switch port and require its user to remove the ARP virus immediately. After the virus is cleared, run the "undo shutdown" command in the configuration view of that switch port to re-enable it. This resolves the remote switch management failure caused by the ARP virus.
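The step of opening the captured text file and checking it for address conflict prompts can be scripted. The following is an added example, not part of the original article: the sample capture lines and the wording of the conflict prompt are constructed assumptions, and the function names are illustrative. It also applies a heuristic the article does not state: a MAC that shows up in conflicts for more than one IP is the first one to look up in the MAC table.

```python
import re
from collections import defaultdict

# Constructed capture text. The wording of the conflict prompt is an assumption;
# adjust CONFLICT_RE to the message your switch actually prints.
SAMPLE_CAPTURE = """\
Interface GigabitEthernet1/0/3 current state: UP
Warning: IP address conflict 192.168.1.1, used by 00e0-fc12-3456 and 0011-2233-4455
Warning: IP address conflict 192.168.1.1, used by 00E0-FC12-3456 and 00:11:22:33:44:55
Warning: IP address conflict 192.168.1.57, used by 0011.2233.4455 and 0a1b-2c3d-4e5f
"""

CONFLICT_RE = re.compile(r"conflict", re.I)
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
MAC_RE = re.compile(
    r"\b(?:[0-9a-f]{4}[-.]){2}[0-9a-f]{4}\b"      # 00e0-fc12-3456 / 00e0.fc12.3456
    r"|\b(?:[0-9a-f]{2}[:-]){5}[0-9a-f]{2}\b",    # 00:e0:fc:12:34:56
    re.I,
)

def normalize_mac(mac: str) -> str:
    """Reduce any supported MAC notation to lowercase aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[^0-9a-f]", "", mac.lower())
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def find_conflicts(capture: str) -> dict[str, set[str]]:
    """Map each conflicting IP to the set of MACs reported as claiming it."""
    conflicts = defaultdict(set)
    for line in capture.splitlines():
        if not CONFLICT_RE.search(line):
            continue  # ordinary diagnostic output, not a conflict prompt
        macs = {normalize_mac(m) for m in MAC_RE.findall(line)}
        for ip in IP_RE.findall(line):
            conflicts[ip] |= macs
    return dict(conflicts)

def suspect_macs(conflicts: dict[str, set[str]]) -> list[str]:
    """MACs involved in conflicts for more than one IP (heuristic)."""
    seen = defaultdict(set)
    for ip, macs in conflicts.items():
        for mac in macs:
            seen[mac].add(ip)
    return sorted(m for m, ips in seen.items() if len(ips) > 1)

if __name__ == "__main__":
    found = find_conflicts(SAMPLE_CAPTURE)
    print(found, "look up first:", suspect_macs(found))
```

Normalizing the MAC notation matters because the same address may appear with different separators or letter case across lines, which would otherwise be counted as different hosts.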
