Use Layer 2 route tracing for troubleshooting

Source: Internet
Author: User
Tags network troubleshooting traceroute mac

I believe many people are familiar with tracing network faults with traceroute ip addresses. This is based on the IP address (Layer 3) route tracking, and is suspected to be used to eliminate most network faults. The layer-2 route tracing is very similar to the layer-3 route tracing. One essential difference is that Layer 2 routing tracking is based on MAC addresses and solves Layer 2 connection faults. In determining the data transmission path in the second-layer topology, this second-layer route tracking is a very useful tool.
I. traceroute ip Defects
Although traceroute ip plays a major role in the troubleshooting process, it is basically something that every network administrator must master. However, it still has some limitations in practical application. For example, the current user reports that the client's access to the file server is very slow. To identify the cause and troubleshoot, the network administrator must first know the IP address of the client and server. Then, run the traceroute ip command to check whether the connection between the client and the server is normal, for example, whether there is congestion, whether the data transmission path is reasonable, and whether there is packet loss. However, if the network topology between the client and the server is complex, it will still be difficult to handle. Even if the cause of the problem is identified, it is difficult to find out where the problem occurred. Therefore, the traceroute ip command has certain limitations. It is easy to find out the cause of the problem, but sometimes it is helpless for the location where the problem actually occurs. Especially when the topology structure is complex, the fault point may only be identified through exclusion. In this case, the workload will be relatively large.
2. Layer 2 route tracking can precisely locate fault points
In this case, Layer 2 routing tracing is very useful. Because layer-2 route tracing is used, only the MAC address can be used to track device connections in the network. For example, for a directly connected subnet device, the Layer 2 route tracing command can use the IP address as part of the command. After knowing the IP addresses of servers and clients, you can query the ARP table to determine their MAC addresses. Then you can use the "traceroute mac address" command to locate the fault point.
3. Prerequisites for L2 route Tracing
Because the layer-2 route tracing is based on the MAC address, there are more prerequisites than the traceroute ip command in use. The network administrator must understand the content to avoid useless troubleshooting. There are many restrictions. Specifically, there are the following.
First, different software versions are required for the main network devices. For example, in a Cisco network device, if the CatOS system is deployed, the device that is troubleshooting (such as a user terminal) must be in the same subnet as sc0 or slo interfaces. If the switch uses ios software, the tracked device must be in the same subnet as the SVI (vswitch Virtual Interface) configured on the switch. This is a very strict condition. This is especially important for users who do not usually have access to Cisco network devices. Otherwise, the possible results may mislead the user into troubleshooting.
Second, restrictions on the protocol. To use the layer-2 routing tracking function, you must run the CDP protocol on all switches and interfaces in the network, and the CDP protocol must work properly. CDP becomes the Cisco Discovery protocol. It is mainly used to obtain the Protocol addresses of adjacent devices and platforms for discovering these devices. In some cases, network administrators may disable these protocols for security reasons. However, if you want to enable Layer 2 routing tracking, You need to enable these protocols. Make sure that these protocols work properly. Otherwise, the information returned by the system will be different from the actual situation, thus affecting the Administrator's correct troubleshooting. In general, in the actual troubleshooting process, before using this function, the author will confirm in advance whether the CDP protocol is enabled and works properly. Remember, this is a necessary process.
Third, limits on vswitch specifications. Not all Cisco products currently support Layer 2 route tracking. All intermediate switches between the source and faulty devices must support the L2 route tracking feature. Most Cisco devices now support this feature. Only products such as 2950 in earlier stages can be used after software upgrade. Because it is not very noticeable, it is very easy to ignore in actual work. It is particularly emphasized here. It can be seen that there are still strict restrictions when using Layer 2 route tracking. However, these restrictions do not affect the value of use. In some complex topology structures, the network administrator is still happy to use this command. Although it is necessary to take time in the early stage to confirm whether these conditions are met.
4. Introduction to Layer 2 route tracing execution instances
Assume that there is a client whose MAC address is AAAA. AAAA. AAAA.0001. There is also a file server whose MAC address is AAAA. AAAA. AAAA.0002. The user now reports that the access speed to the file server from the client is extremely slow. The network topology of an enterprise is complex. From the client to the file server, there must be five switches and two routers. In this case, although the traceroute ip command can be used to identify the cause of the problem, the fault point cannot be precisely located. In this case, you need to use the second-layer route tracing. By querying the ARP table, you can know the MAC address of the server. Generally, the administrator can select any vswitch in the network as long as he knows the target MAC address or the MAC address of the switch when performing the Layer 2 route tracking function. For example, run the traceroute mac AAAA. AAAA. AAAA.0001 AAAA. AAAA. AAAA.0002 command to check whether the connection between the client and the server is faulty. To narrow down the range, you can also replace the target MAC address or source MAC address, for example, with the MAC address of the intermediate switch. By narrowing down the scope step by step, you can accurately locate the fault occurrence point.
Obviously, the result obtained by using Layer 2 routing tracing may help administrators focus on analyzing and troubleshooting links between the source and target devices, administrators do not have to worry about building network diagrams or complex topology structures. In short, as long as you know the MAC addresses of clients, servers, and all switches in the middle, as long as you sit on the computer, the network administrator can continuously perform Layer 2 route tracking, the fault occurrence point is found. Click find, and then locate The Faulty Switch Based on the original network drawings. After finding the faulty computer, you can troubleshoot and repair it. Either restart, upgrade software, or update. That's the end. As long as you can precisely locate the fault point and find the faulty switch and other network devices, everything else is simple. Sometimes network troubleshooting takes a lot of time and effort, mainly because the problem cannot be found. Obviously, the second-layer routing tracking feature helps administrators solve this problem.
In order to locate the fault point as soon as possible, there is also a small trick. In fact, this is like a digital game. Tell you the range of numbers, such as 1 to 100. Then let you guess a number. If you guess wrong, you will be given a new range. If you guess 50, if it is wrong, it will tell you a new range of 1 to 50. When using Layer 2 route tracing to narrow down the scope, it is similar to this guess number game. If you are not very clear about the network topology, you may also have some tips to narrow down the scope as soon as possible. For example, you can use the median method when trying a command. That is, if there are 10 switches in the middle, you can first test between the client and the 5th switches. The median method can greatly reduce the number of tests. The more intermediate devices, the more obvious the effect of this method.
This command is particularly useful when you know the user IP address and need to connect the user to the physical interface.

To sum up, Layer 2 route tracing is a very useful troubleshooting tool. The administrator can sit in front of the terminal and determine whether there is a fault between any two switches in the network. When troubleshooting in a complex topology network, the second-layer route tracking can help administrators precisely locate fault points and obtain valuable time for fault resolution.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.