Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Support

Troubleshooting IBM

Downloads

Table Of Contents

Troubleshooting IBM

DLSw

SDLC

Technology Basics

Frame Format

SRB

SRB Algorithm

Frame Format

Troubleshooting IBM

Local SRB: Host Cannot Connect to Server

Local SRB: Routing Does Not Function

RSRB: Host Cannot Connect to Server (Peers Not Open)

RSRB: Host Cannot Connect to Server (Peers Open)

RSRB: Periodic Communication Failures

RSRB: NetBIOS Client Cannot Connect to Server

Translational Bridging: Client Cannot Connect to Server

SRT Bridging: Client Cannot Connect to Server

SDLC: Router Cannot Communicate with SDLC Device

SDLC: Intermittent Connectivity

SDLC: Client Cannot Connect to Host over Router Running SDLLC

Virtual Token Ring Addresses and SDLLC

SDLC: Sessions Fail over Router Running STUN

CIP: CLAW Connection Does Not Come Up

CIP: No Enabled LED On

CIP: CIP Will Not Come Online to Host

CIP: Router Cannot ping Host, or Host Cannot ping Router

CIP: Host Cannot Reach Remote Networks

CIP: Host Running Routed Has No Routes


Troubleshooting IBM

This chapter focuses on connectivity and performance problems associated with bridging and routing in IBM-based networks. When troubleshooting IBM-based networks, it is important to have a knowledge of Synchronous Data Link Control (SDLC) and source-route bridging (SRB), as well as data-link switching (DLSw). The following sections provide an overview of DLSw, SDLC, and SRB.

DLSw

Data-link switching was developed to provide support for SNA and NetBIOS in multiprotocol routers. SNA and NetBIOS are basically connection-oriented protocols, so the data link control procedure that they use on the LAN is IEEE 802.2 Logical Link Control (LLC) Type 2. Data-link switching also accommodates SNA protocols over WAN links via the SDLC protocol. For more information about DLSw, refer to RFC 1795, which defines the protocol.

For more information about troubleshooting DLSw problems, refer to the online "DLSw Troubleshooting Guide" at www.cisco.com/warp/customer/697/dlswts1.html.

SDLC

IBM developed the SDLC protocol in the mid-1970s for use in Systems Network Architecture (SNA) environments. SDLC was the first of an important new breed of link-layer protocols based on synchronous, bit-oriented operation. Compared to synchronous character-oriented (for example, Bisync, from IBM) and synchronous byte count-oriented protocols (for example, Digital Data Communications Message Protocol [DDCMP], from Digital Equipment Corporation), bit-oriented synchronous protocols are more efficient, more flexible, and often faster.

After developing SDLC, IBM submitted it to various standards committees. The International Organization for Standardization (ISO) modified SDLC to create the High-Level Data Link Control (HDLC) protocol. The International Telecommunications Union-Telecommunications Standards Section (ITU-T, formerly CCITT) subsequently modified HDLC to create Link Access Procedure (LAP) and then Link Access Procedure, Balanced (LAPB). The Institute of Electrical and Electronic Engineers (IEEE) modified HDLC to create IEEE 802.2. Each of these protocols has become important in its own domain. SDLC remains the SNA primary link-layer protocol for wide-area network (WAN) links.

Technology Basics

SDLC supports a variety of link types and topologies. It can be used with point-to-point and multipoint links, bounded and unbounded media, half-duplex and full-duplex transmission facilities, and circuit-switched and packet-switched networks.

SDLC identifies two types of network nodes:

Primary—Controls the operation of other stations (called secondaries). The primary polls the secondaries in a predetermined order. Secondaries can then transmit if they have outgoing data. The primary also sets up and tears down links and manages the link while it is operational.

Secondary—Is controlled by a primary. Secondaries can send information only to the primary, but they cannot do this unless the primary gives permission.

SDLC primaries and secondaries can be connected in four basic configurations:

Point-to-point—Involves only two nodes, one primary and one secondary.

Multipoint—Involves one primary and multiple secondaries.

Loop—Involves a loop topology, with the primary connected to the first and last secondaries. Intermediate secondaries pass messages through one another as they respond to the requests of the primary.

Hub go-ahead—Involves an inbound and an outbound channel. The primary uses the outbound channel to communicate with the secondaries. The secondaries use the inbound channel to communicate with the primary. The inbound channel is daisy-chained back to the primary through each secondary.

Frame Format

The SDLC frame format is shown in Figure 10-1.

Figure 10-1 The SDLC Frame Format

As Figure 10-1 shows, SDLC frames are bounded by a unique flag pattern. The Address field always contains the address of the secondary involved in the current communication. Because the primary is either the communication source or destination, there is no need to include the address of the primary—it is already known by all secondaries.

The Control field uses three different formats, depending on the type of SDLC frame used. The three SDLC frames are described as follows:

Information (I) frames—These frames carry upper-layer information and some control information. Send and receive sequence numbers and the poll final (P/F) bit perform flow and error control. The send sequence number refers to the number of the frame to be sent next. The receive sequence number provides the number of the frame to be received next. Both the sender and the receiver maintain send and receive sequence numbers. The primary uses the P/F bit to tell the secondary whether it requires an immediate response. The secondary uses this bit to tell the primary whether the current frame is the last in its current response.

Supervisory (S) frames—These frames provide control information. They request and suspend transmission, report on status, and acknowledge the receipt of I frames. They do not have an Information field.

Unnumbered (U) frames—As the name suggests, these frames are not sequenced. They are used for control purposes. For example, they are used to initialize secondaries. Depending on the function of the unnumbered frame, its Control field is 1 or 2 bytes. Some unnumbered frames have an Information field.

The frame check sequence (FCS) precedes the ending flag delimiter. The FCS is usually a cyclic redundancy check (CRC) calculation remainder. The CRC calculation is redone in the receiver. If the result differs from the value in the sender's frame, an error is assumed.

A typical SDLC-based network configuration appears in Figure 10-2. As illustrated, an IBM establishment controller (formerly called a cluster controller) in a remote site connects to dumb terminals and to a Token Ring network. In a local site, an IBM host connects (via channel-attached techniques) to an IBM front-end processor (FEP), which can also have links to local Token Ring local-area networks (LANs) and an SNA backbone. The two sites are connected through an SDLC-based 56-kbps leased line.

Figure 10-2 A Typical SDLC-Based Network Configuration

SRB

The SRB algorithm was developed by IBM and proposed to the IEEE 802.5 committee as the means to bridge among all LANs. The IEEE 802.5 committee subsequently adopted SRB into the IEEE 802.5 Token Ring LAN specification.

Since its initial proposal, IBM has offered a new bridging standard to the IEEE 802 committee: the source-route transparent (SRT) bridging solution. SRT bridging eliminates pure SRBs entirely, proposing that the two types of LAN bridges be transparent bridges and SRT bridges. Although SRT bridging has support, SRBs are still widely deployed.

SRB Algorithm

SRBs are so named because they assume that the complete source-to-destination route is placed in all inter-LAN frames sent by the source. SRBs store and forward the frames as indicated by the route appearing in the appropriate frame field. Figure 10-3 illustrates a sample SRB network.

Figure 10-3 A Sample SRB Network

Referring to Figure 10-3, assume that Host X wants to send a frame to Host Y. Initially, Host X does not know whether Host Y resides on the same LAN or a different LAN. To determine this, Host X sends out a test frame. If that frame returns to Host X without a positive indication that Host Y has seen it, Host X must assume that Host Y is on a remote segment.

To determine the exact remote location of Host Y, Host X sends an explorer frame. Each bridge receiving the explorer frame (Bridges 1 and 2, in this example) copies the frame onto all outbound ports. Route information is added to the explorer frames as they travel through the internetwork. When Host X's explorer frames reach Host Y, Host Y replies to each individually using the accumulated route information. Upon receipt of all response frames, Host X chooses a path based on some predetermined criteria.

In the example in Figure 10-3, this process will yield two routes:

LAN 1 to Bridge 1, to LAN 3, to Bridge 3, to LAN 2

LAN 1 to Bridge 2, to LAN 4, to Bridge 4, to LAN 2

Host X must select one of these two routes. The IEEE 802.5 specification does not mandate the criteria that Host X should use in choosing a route, but it does make several suggestions, including the following:

First frame received

Response with the minimum number of hops

Response with the largest allowed frame size

Various combinations of these criteria

In most cases, the path contained in the first frame received will be used.

After a route is selected, it is inserted into frames destined for Host Y in the form of a routing information field (RIF). A RIF is included only in those frames destined for other LANs. The presence of routing information within the frame is indicated by the setting of the most significant bit within the Source Address field, called the routing information indicator (RII) bit.

Frame Format

The IEEE 802.5 RIF is structured as shown in Figure 10-4.

Figure 10-4 The IEEE 802.5 RIF

The fields of the RIF are as follows:

The Routing Control field, which consists of the following subfields:

The Type subfield in the RIF indicates whether the frame should be routed to a single node, a group of nodes that make up a spanning tree of the internetwork, or all nodes. The first type is called a specifically routed frame, the second type is called a spanning-tree explorer, and the third type is called an all-paths explorer. The spanning-tree explorer can be used as a transit mechanism for multicast frames. It can also be used as a replacement for the all-paths explorer in outbound route queries. In this case, the destination responds with an all-paths explorer.

The Length subfield indicates the total length (in bytes) of the RIF.

The D bit indicates the direction of the frame (forward or reverse).

The largest field indicates the largest frame that can be handled along this route.

The Route Descriptor field, of which there can be more than one. Each route descriptor field carries a ring number/bridge number pair that specifies a portion of a route. Routes, then, are simply alternating sequences of LAN and bridge numbers that start and end with LAN numbers.

Troubleshooting IBM

This section focuses on connectivity and performance problems associated with bridging and routing in IBM-based networks. This section covers specific IBM-related symptoms, the problems that are likely to cause each symptom, and the solutions to those problems.

This section covers the most common network issues in IBM networks:

Local SRB: Host Cannot Connect to Server

Local RSRB: Routing Does Not Function

RSRB: Host Cannot Connect to Server (Peers Not Open)

RSRB: Host Cannot Connect to Server (Peers Open)

RSRB: Periodic Communication Failures

RSRB: NetBIOS Client Cannot Connect to Server

Translational Bridging: Client Cannot Connect to Server

SRT Bridging: Client Cannot Connect to Server

SDLC: Router Cannot Communicate with SDLC Device

SDLC: Intermittent Connectivity

SDLC: Client Cannot Connect to Host over Router Running SDLLC

SDLC: Sessions Fail over Router Running STUN

CIP: CLAW Connection Does Not Come Up

CIP: No Enabled LED On

CIP: CIP Will Not Come Online to Host

CIP: Router Cannot ping Host, or Host Cannot ping Router

CIP: Host Cannot Reach Remote Networks

CIP: Host Running Routed Has No Routes

Local SRB: Host Cannot Connect to Server

Symptom: Connections fail over a router configured as an SRB connecting two or more Token Rings.

Table 10-1 outlines the problems that might cause this symptom and describes solutions to those problems.

Table 10-1 Local SRB: Host Cannot Connect to Server  

Possible Problem
Solution

Ring number mismatch

A router interface configured for bridging fails to insert into a ring when it detects a ring number mismatch, and it posts an error message to the console.

1. Get the ring number (specified in hexadecimal) from IBM SRBs (either by examining the configuration of other SRBs or from the system administrator).

2. Use the show running-config (or simply show run) privileged exec command to view the configuration of routers configured as SRBs. Look for source-bridge interface configuration command entries that assign ring numbers (displayed in decimal) to the rings that are connected to the router's interfaces.1

For example, the following configuration entry shows the entry for local ring 10, bridge number 500, and remote ring 20:

source-bridge 10 500 20

Note: Parallel bridges situated between the same two rings must have different bridge numbers.

3. Convert IBM SRB ring numbers to decimal, and verify that the ring numbers configured on all internetworking nodes agree.

4. If the ring numbers do not agree, reconfigure the router interface or IBM SRBs so that the ring numbers match. Use the source-bridge command to make configuration changes; the syntax is as follows:

source-bridge source-ring-number bridge-number target-ring-number [conserve-ring]

Syntax description:

source-ring-number—Ring number for the interface's Token Ring or FDDI2 ring. It must be a decimal number in the range 1 to 4095 that uniquely identifies a network segment or ring within the bridged Token Ring or FDDI network.

bridge-number—Number that uniquely identifies the bridge connecting the source and target rings. It must be a decimal number in the range 1 to 15.

target-ring-number—Ring number of the destination ring on this router. It must be unique within the bridged Token Ring or FDDI network. The target ring can also be a ring group. This must be a decimal number.

Ring number mismatch (continued)

conserve-ring—(Optional) Keyword to enable SRB over Frame Relay. When this option is configured, the SRB software does not add the ring number associated with the Frame Relay PVC,3 the partner's virtual ring, to outbound explorer frames. This option is permitted for Frame Relay subinterfaces only.

Example:

In the following example, Token Rings 129 and 130 are connected via a router: 

interface tokenring 0

 source-bridge 129 1 130

!

interface tokenring 1

 source-bridge active 130 1 129

End system that does not support RIF4

1. Place a network analyzer on the same ring to which the end system is connected.

2. Look for RIF frames sent from the end system (RIF frames have the high-order bit of the source MAC5 address set to 1).

3. If no RIF frames are found, the end system does not support RIF and cannot participate in source routing.

If the protocol is routable, you can route the protocol or configure transparent bridging. If you use transparent bridging, be careful not to create loops between the SRB and the transparent bridging domains.

4. If your environment requires SRB, contact your workstation or server vendor for SRB drivers or for information about setting up your workstation or server to support SRB.

Hop count exceeded

Use the show protocol route command to check the hop count values on routers and bridges in the path. Packets that exceed the hop count are dropped.

Alternatively, you can enable the debug source event privileged exec command to see whether packets are being dropped because the hop count has been exceeded.

Hop count exceeded (continued)

Caution: Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use. Remember to use the undebug all command to turn off debugging after troubleshooting.

Increase the hop count if it is less than the default value, 7. Otherwise, the network must be redesigned so that no destination is more than seven hops away.

Router that is not configured to forward spanning explorers

Spanning explorer packets are equivalent to a single-route broadcast. Routers must therefore be configured to route them.

1. Use the show source-bridge exec command to determine whether the spanning explorer count is incrementing.

2. If the spanning explorer count is not incrementing, use the show running-config privileged exec command on routers to see whether the source-bridge spanning interface configuration command is configured. This command configures the router to forward spanning explorers.

3. If the command entry is not present in the configuration, add it to any router that is required to pass spanning explorers. The command syntax is as follows:

source-bridge spanning bridge-group [path-cost path-cost]

Syntax description:

bridge-group—Number in the range 1 to 9 that you choose to refer to a particular group of bridged interfaces.

path-cost—(Optional) Path cost for a specified interface.

path-cost—(Optional) Path cost for the interface. The valid range is 0 to 65535.

Example:

The following example adds Token Ring 0 to bridge group 1 and assigns a path cost of 12 to Token Ring 0:

interface tokenring 0

source-bridge spanning 1 path-cost 12

4. Use the show source-bridge exec command to determine whether explorers are being sent.

Router that is not configured to forward spanning explorers (continued)

5. If explorers are not being sent, place a network analyzer on the same ring to which the end system is connected.

6. If you find spanning all-ring frames, use the show running-config privileged exec command to make sure that the router is properly configured. If sessions still cannot be established over the SRB, contact your technical support representative for more assistance.

1 Although you can enter the ring number in hexadecimal or decimal, it always appears in the configuration as a decimal number.

2 FDDI = Fiber Distributed Data Interface

3 PVC= permanent virtual circuit

4 RIF = routing information field

5 MAC = Media Access Control


Local SRB: Routing Does Not Function

Symptom: Routed protocols are not forwarded properly by routers in a local SRB environment. SRBs bridge traffic normally.

Table 10-2 outlines the problems that might cause this symptom and describes solutions to those problems.

Table 10-2 Local SRB: Routing Does Not Function 

Possible Problem
Solution

Routing problem

For detailed information on troubleshooting routing problems, refer to the chapters in this book that cover the routing protocols in question. For example, if you are running Novell IPX, see Chapter 8, "Troubleshooting Novell IPX."

Missing multiring command

1. Use the show running-config privileged exec command on the router. Look for a multiring interface configuration command entry. This command enables the collection and use of RIF information on router interfaces.

2. If the multiring command is not present, add the command to the configuration using the following command:

C4000(config-if)#multiring all

Incomplete ARP1 table

1. Determine whether you can ping hosts.

2. If the host does not respond, use the show arp exec command to determine whether an entry for the host exists in the ARP table.

3. If an entry exists, there is probably a routing problem. Determine whether you have a source-route path to the destination hardware (MAC) address. Use the show rif exec command to match the RIF with the hardware address of the host.

4. If no entry exists, use a network analyzer to see whether ARP requests are getting through to the remote ring and to see whether replies come back.

1 ARP=Address Resolution Protocol


RSRB: Host Cannot Connect to Server (Peers Not Open)

Symptom: Hosts cannot make connections to servers across a router configured as a remote source-routing bridge (RSRB). The output of the show source-bridge privileged exec command shows that SRB peers are not open.

Note If you succeed in getting peers to open, but hosts are still incapable of communicating with servers, refer to the section "RSRB: Host Cannot Connect to Server (Peers Open)," later in this chapter.

Table 10-3 outlines the problems that might cause this symptom and describes solutions to those problems.

Table 10-3 RSRB: Host Cannot Connect to Server (Peers Not Open) 

Possible Problem
Solution

Missing or misconfigured source-bridge remote-peer command on the router

1. Use the show source-bridge exec command to check for remote peers.

If the output shows that peers are open, refer to the section "RSRB: Host Cannot Connect to Server (Peers Open)," later in this chapter.

Missing or misconfigured source-bridge remote-peer command on the router (continued)

2. If the output shows that peers are not open, use the show running-config privileged exec command to view the router configuration. Verify that two source-bridge remote-peer global configuration command entries are present—one should point to the IP address of the local router, and the other should point to the IP address of the remote router.

3. If either or both of the commands are missing or point to the wrong address, add or modify the commands as required.

For detailed information about configuring routers for RSRB, see the Cisco IOS Bridging and IBM Networking Configuration Guide and Bridging and IBM Networking Command Reference.

No route to the remote peer

If you are using TCP1 or FST2 encapsulation between the local and remote SRB, follow these steps:

1. Test IP connectivity using the extended ping privileged exec command. Use the local peer ID as the source address, and the remote peer ID as the destination address.

2. If the ping fails, use the show ip route exec command to view the IP routing table.

3. If the show ip route output does not show a route to the intended remote peer, there is probably an IP routing problem, or a problem with the hardware or cabling in the path from the local to the remote SRB.

For information on troubleshooting IP routing, refer to Chapter 7, "Troubleshooting TCP/IP." For information about troubleshooting hardware problems, see Chapter 3, "Troubleshooting Hardware and Booting."

Serial link problem

If there is a direct connection between the local and remote SRB (that is, if you are not using FST or TCP encapsulation), follow these steps:

1. Check to make sure that the next-hop router is directly adjacent.

2. If the router is adjacent, perform other tests to ensure that the link is functioning properly. For more information, refer to Chapter 15, "Troubleshooting Serial Lines."

3. If the next hop is not directly adjacent, redesign your network so that it is.

End system that is not generating explorer traffic

1. Use the show source-bridge privileged exec command to see whether the explorer count is incrementing.

2. If the explorer count is not incrementing, use the show running-config privileged exec command to view the router configuration. Check for a source-bridge spanning interface configuration command on the local and remote routers.

3. If the source-bridge spanning command is not configured on the routers, configure it on the interfaces connecting the local and remote SRBs. This command is required if the end system is using single-route explorers. The command syntax is as follows:

source-bridge spanning bridge-group [path-cost path-cost]

Syntax description:

bridge-group—Number in the range 1 to 9 that you choose to refer to a particular group of bridged interfaces.

path-cost—(Optional) Path cost for a specified interface.

path-cost—(Optional) Path cost for the interface. The valid range is 0 to 65535.

Example:

The following example adds Token Ring 0 to bridge group 1 and assigns a path cost of 12 to Token Ring 0:

interface tokenring 0

source-bridge spanning 1 path-cost 12

Encapsulation mismatch

1. Use the show interfaces exec command to verify that the interface and line protocol are up. If the status line indicates any other state, refer to Chapter 15.

2. Verify that the configured encapsulation type matches the requirements of the network to which the serial interface is attached.

For example, if the serial interface is attached to a leased line but the configured encapsulation type is Frame Relay, there is an encapsulation mismatch.

3. To resolve the mismatch, change the encapsulation type on the serial interface to the type appropriate for the attached network—for example, change from frame-relay to hdlc.

Hop count exceeded

1. Use the show protocol route command to check the hop count values on routers and bridges in the path. Packets that exceed the hop count are dropped.

Alternatively, you can enable the debug source event privileged exec command to see whether packets are being dropped because the hop count has been exceeded.

Caution: Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

2. Increase the hop count if it is less than the default value, 7. Otherwise, the network must be redesigned so that no destination is greater than seven hops away.

1 TCP=Transmission Control Protocol

2 FST=Fast Sequenced Transport


RSRB: Host Cannot Connect to Server (Peers Open)

Symptom: Hosts cannot make connections to servers across a router configured as an RSRB. The output of the show source-bridge privileged exec command shows that SRB peers are open.

The following is an example of output from the show source-bridge command: 

ionesco#show source-bridge

[...]

Peers:                 state   lv  pkts_rx  pkts_tx  expl_gn    drops TCP

   TCP 150.136.92.92     -       2       0        0          0     0    0

   TCP 150.136.93.93     open    2*     18       18          3     0    0

[...]

Table 10-4 outlines the problems that might cause this symptom and describes solutions to those problems.

Table 10-4 RSRB: Host Cannot Connect to Server (Peers Open) 

Possible Problem
Solution

End system misconfiguration

1. If the end system is on the ring local to the router, use the show lnm station privileged exec command on the local router. This command lists the stations on the local ring.

The following is an example of the show lnm station command:

show lnm station [address]

Syntax description:

address—(Optional) Address of a specific LNM1 station

Sample Display:

The following is sample output from the show lnm station command when a particular address (in this case, 1000.5abc15) has been specified: 

Router# show lnm station 1000.5a6f.bc15

isolating error counts

    station      int  ring  loc.   weight   line  inter 
burst   ac  abort

1000.5a6f.bc15    T1  0001  0000   00 - N   00000 00000 
00000 00000 00000

Unique ID:  0000.0000.0000          NAUN: 0000.3000.abc4

Functional: C000.0000.0000         Group: C000.0000.0000

Physical Location:   00000        Enabled Classes:  0000

Allowed Priority:    00000        Address Modifier: 0000

Product ID:     00000000.00000000.00000000.00000000.0000

Ucode Level:    00000000.00000000.0000

Station Status: 00000000.0000

Last transmit status: 00

2. Check the command output for the MAC address of the workstation or server. If the MAC address is not present in the output, check the configuration of the end system.

3. If the problem persists, use a network analyzer to check network traffic generated by the end system. If you do not have a network analyzer, use the debug token-ring and the debug source-bridge commands.

Caution: Using the debug token-ring and the debug source-bridge commands on a heavily loaded router is not advised. These commands can cause further network degradation or complete network failure if not used judiciously.

4. Check the output of the debug commands to see whether the end system is sending traffic to the correct MAC addresses or destination names (in the case of NetBIOS).

End system that does not support RIF

1. Place a network analyzer on the same ring to which the end system is connected.

2. Look for RIF frames sent from the end system (RIF frames have the high-order bit of the source MAC address set to 1).

3. If no RIF frames are seen, the end system does not support RIF and cannot participate in source routing.

If the protocol is routable, you can route the protocol or configure transparent bridging. If you use transparent bridging, be careful not to create loops between the SRB and the transparent bridging domains.

4. If your environment requires SRB, contact your workstation or server vendor for SRB drivers or for information about setting up your workstation or server to support SRB.

Explorer traffic that is not reaching remote ring

1. Using a network analyzer or the debug source-bridge command, watch network traffic to see whether explorers from the end system reach the remote ring.

2. If traffic reaches the remote ring successfully, check the configuration of the destination end system (for example, a server) to see why that station does not reply to the explorer traffic from the source.

If traffic does not reach the remote ring, use the show source-bridge command to check ring lists. If information about the ring has not been learned, check router configurations.

3. If you are using NetBIOS, use the show netbios name-cache exec command to see whether traffic is passing through the network properly. If it is not, check router configurations.

For detailed information about configuring routers for RSRB, refer to the Cisco IOS Bridging and IBM Networking Configuration Guide and Bridging and IBM Networking Command Reference.

1 LNM=LAN Network Manager


RSRB: Periodic Communication Failures

Symptom: Communication failures occur periodically over a router configured as an RSRB.

Table 10-5 outlines the problems that might cause this symptom and describes solutions to those problems.

Table 10-5 RSRB: Periodic Communication Failures 

Possible Problem
Solution

Misconfigured T1 timers

If you are not using local acknowledgment, misconfigured T1 timers can cause periodic timeouts.

1. Use a network analyzer to see how long it takes for packets to travel from one end of the network to the other. (Note: Inserting a network analyzer to a T1 circuit will bring the circuit down.)

2. Use a ping test to the remote router, and note the round-trip delay. Compare this value with the configured T1 timer values on end systems.

3. If the round-trip delay is close to or exceeds the T1 timer value, acknowledgments are probably being delayed or dropped by the WAN. For delays, increase the T1 configuration on end systems. For drops, check buffers and interface queues.

4. Enable local acknowledgment to see whether that solves the problem.

WAN link problem

For information on troubleshooting serial line problems, refer to Chapter 15. For information on troubleshooting different WAN environments, refer to the appropriate chapter elsewhere in this book.


RSRB: NetBIOS Client Cannot Connect to Server

Symptom: NetBIOS clients cannot connect to NetBIOS servers over a router configured as an RSRB.

Table 10-6 outlines the problems that might cause this symptom and describes solutions to those problems.

Possible Problem
Solution

Incorrect mapping of NetBIOS name cache server-to-client mapping

1. For each router on which NetBIOS name caching is enabled, use the show rif exec command to determine whether the RIF entry shows the correct path from the router to both the client and the server.

Incorrect mapping of NetBIOS name cache server-to-client mapping (continued)

The following is an example of the show rif exec command: 

cantatrice#show rif

Codes: * interface, - static, + remote

Hardware Addr  How   Idle (min)  Routing Information 
Field

5C02.0001.4322 rg5           -   0630.0053.00B0

5A00.0000.2333 TR0           3   08B0.0101.2201.0FF0

5B01.0000.4444 -             -   -

0000.1403.4800 TR1           0   -

0000.2805.4C00 TR0           *   -

0000.2807.4C00 TR1           *   -

0000.28A8.4800 TR0           0   -

0077.2201.0001 rg5          10   0830.0052.2201.0FF0

In this display, entries marked with an asterisk (*) are the router's interface addresses. Entries marked with a dash (-) are static entries. Entries with a number denote cached entries. If the RIF timeout is set to something other than the default of 15 minutes, the timeout is displayed at the top of the display.

2. Use the show running-config privileged exec command to view the router configuration. Make sure that the source-bridge proxy-explorer interface configuration command is included in the Token Ring configuration. Proxy explorers must be enabled on any interface that uses NetBIOS name caching.

3. Use the show netbios-cache exec command to see whether the NetBIOS cache entry shows the correct mappings of server and client names to MAC addresses.

The following is an example of the show netbios-cache exec command: 

cantatrice#show netbios-cache

  HW Addr          Name            How       Idle      
NetBIOS Packet

                                                       
Savings

1000.5a89.449a     IC6W06_B        TR1       6         
0

1000.5a8b.14e5     IC_9Q07A        TR1       2         
0

1000.5a25.1b12     IC9Q19_A        TR1       7         
0

1000.5a25.1b12     IC9Q19_A        TR1       10        
0

1000.5a8c.7bb1     BKELSA1         TR1       4         
0

1000.5a8b.6c7c     ICELSB1         TR1       -         
0

1000.5a31.df39     ICASC_01        TR1       -         
0

1000.5ada.47af     BKELSA2         TR1       10        
0

1000.5a8f.018a     ICELSC1         TR1       1         
0

Incorrect mapping of NetBIOS name cache server-to-client mapping (continued)

The following are the fields reported by the show netbios-cache command:

show netbios—Cache field descriptions.

HW Addr—MAC address mapped to the NetBIOS name in this entry.

Name—NetBIOS name mapped to the MAC address in this entry.

How—Interface through which this information was learned.

Idle—Period of time (in seconds) since this entry was last accessed. A hyphen in this column indicates that it is a static entry in the NetBIOS name cache.

NetBIOS Packet Savings—Number of packets to which local replies were made (thus preventing transmission of these packets over the network).

4. Use the show running-config privileged exec command at each router to examine the mapping of addresses specified in netbios name-cache global configuration command entries.

The following example shows a configuration in which the NetBIOS server is accessed remotely: 

source-bridge ring-group 2

rif 0110.2222.3333 0630.021.0030 ring group 2

netbios name-cache 0110.2222.3333 DEF ring-group 2

Misconfigured source-bridge command

1. For each router on which NetBIOS name caching is enabled, use the show source-bridge command to obtain the version of the remote connection. The value specified should be 2 or 3. If the value is 1, connections will not get through, and you must modify your configuration.

Misconfigured source-bridge command

Example:

The following is sample output from the show source-bridge command: 

Router# show source-bridge

Local Interfaces:            receive       transmit

             srn bn  trn r p s n  max hops     cnt         
cnt        drops

TR0            5  1   10 *   *          7    39:1002     
23:62923 

Ring Group 10:

  This peer: TCP 150.136.92.92

   Maximum output TCP queue length, per peer: 100

  Peers:                 state   lv  pkts_rx  
pkts_tx  expl_gn    drops TCP

   TCP 150.136.92.92     -       2       0        0          
0     0    0

   TCP 150.136.93.93     open    2*     18       18          
3     0    0

Rings:

   bn: 1 rn: 5    local  ma: 4000.3080.844b 
TokenRing0            fwd: 18

   bn: 1 rn: 2   remote  ma: 4000.3080.8473 TCP 
150.136.93.93     fwd: 36

Explorers: ------- input -------             ------- 
output -------

       spanning  all-rings     total      spanning  
all-rings     total

  TR0         0          3         3             3          
5         8

Router#

2. If the router is running a software release prior to Cisco IOS Release 10.0, specify either version 2 or version 3 in the source-bridge remote-peer interface configuration command. The syntax is as follows:

source-bridge remote-peer ring-group tcp ip-address [lf size] [local-ack] [priority] [version number]

If the router is running Cisco IOS Release 10.0 or later, the specification of a version is ignored.

For more information, refer to the Cisco IOS Bridging and IBM Networking Configuration Guide and Bridging and IBM Networking Command Reference.


Translational Bridging: Client Cannot Connect to Server

Symptom: Clients cannot communicate over a router configured as a translational bridge.

Caution In certain situations, replacing existing translational bridges with Cisco translational bridges can cause interoperability problems. Some translational bridge implementations map functional addresses between media (such as local-area transport [LAT] functional address 0900.2B00.00FA on Ethernet) to a broadcast address on the Token Ring side (such as C000.FFFF.FFFF). Cisco does not support this functionality. Furthermore, you cannot use translational bridging with any protocol that embeds the MAC address of a station inside the Information field of the MAC frames (examples include IP ARP and Novell IPX).

Table 10-7 outlines the problems that might cause this symptom and describes solutions to those problems.

Table 10-6 Translational Bridging: Client Cannot Connect to Server 

Possible Problem
Solution

Media problem

Verify the line using the show interfaces exec command. If the interface or line protocol is down, troubleshoot the media. For LAN media, refer to the chapter that covers your media type.

Ethernet-to-Token Ring address mapping that is misconfigured

1. Use the show bridge exec command to verify the existence of the Ethernet station.

Ethernet and Token Ring addresses use opposite bit ordering schemes. The Token Ring address 0110.2222.3333 is equivalent to the Ethernet address 8008.4444.cccc.

2. Use the show spanning exec command to determine whether the Ethernet port is in forwarding mode.

Ethernet-to-Token Ring address mapping that is misconfigured (continued)

Example:

The following is sample output from the show span command: 

RouterA> show span

Bridge Group 1 is executing the IBM compatible 
spanning tree protocol

  Bridge Identifier has priority 32768, address 
0000.0c0c.f68b

  Configured hello time 2, max age 6, forward delay 
4

  Current root has priority 32768, address 
0000.0c0c.f573

  Root port is 001A (TokenRing0/0), cost of root 
path is 16

  Topology change flag not set, detected flag not 
set

  Times:  hold 1, topology change 30, notification 
30

          hello 2, max age 6, forward delay 4, aging 
300

  Timers: hello 0, topology change 0, notification 0

Port 001A (TokenRing0/0) of bridge group 1 is 
forwarding. Path cost 16

   Designated root has priority 32768, address 
0000.0c0c.f573

   Designated bridge has priority 32768, address 
0000.0c0c.f573

   Designated port is 001B, path cost 0, peer 0

   Timers: message age 1, forward delay 0, hold 0

Port 002A (TokenRing0/1) of bridge group 1 is 
blocking. Path cost 16

   Designated root has priority 32768, address 
0000.0c0c.f573

   Designated bridge has priority 32768, address 
0000.0c0c.f573

   Designated port is 002B, path cost 0, peer 0

   Timers: message age 0, forward delay 0, hold 0

Port 064A (spanRSRB) of bridge group 1 is disabled. 
Path cost 250

   Designated root has priority 32768, address 
0000.0c0c.f573

   Designated bridge has priority 32768, address 
0000.0c0c.f68b

   Designated port is 064A, path cost 16, peer 0

   Timers: message age 0, forward delay 0, hold 0

A port (spanRSRB) is created with each virtual ring group. The port is disabled until one or more peers go into open state in the ring group.

3. Use the show rif exec command to determine whether the target Token Ring station is visible on the internetwork.

When configured for translational bridging, the router extracts the RIF of a packet received from the Token Ring network and saves it in a table. The router then transmits the packet on the Ethernet network. Later, the router reinserts the RIF when it receives a packet destined for the originating node on the Token Ring side.

Ethernet-to-Token Ring address mapping that is misconfigured (continued)

Example:

The following is sample output from the show rif command: 

Router# show rif

Codes: * interface, - static, + remote

Hardware Addr  How   Idle (min)  Routing Information 
Field

5C02.0001.4322 rg5           -   0630.0053.00B0

5A00.0000.2333 TR0           3   08B0.0101.2201.0FF0

5B01.0000.4444 -             -   -

0000.1403.4800 TR1           0   -

0000.2805.4C00 TR0           *   -

0000.2807.4C00 TR1           *   -

0000.28A8.4800 TR0           0   -

0077.2201.0001 rg5          10   0830.0052.2201.0FF0

4. If Ethernet and Token Ring end systems are visible, statically configure any relevant server MAC addresses in the client configurations so that clients can listen to the server advertisements directly.

One case in which static mapping is required is when bridging DEC LAT traffic over a translational bridge. LAT services on Ethernet are advertised on a multicast address that is mapped by some translational bridges to a broadcast address on the Token Ring side. Routers do not support this mapping.

Vendor code mismatch

Older Token Ring implementations require that the vendor code (OUT1 field) of the SNAP2 header be 000000. Cisco routers modify this field to be 0000F8 to specify that the frame was translated from Ethernet Version 2 to Token Ring. This can cause problems on older Token Ring networks.

Specify the ethernet-transit-oui interface configuration command to force the router to make the vendor code field 000000. This change is frequently required when there are IBM 8209s (IBM Token Ring-to-Ethernet translating bridges) in the network.

The following is an example of the ethernet-transit-oui command:

ethernet-transit-oui [90-compatible | standard | cisco]

Syntax description:

90-compatible—OUI used 0000F8 by default, when talking to other Cisco routers. It provides the most flexibility.

standard—OUI used 000000 when talking to IBM 8209 bridges and other vendor equipment. It does not provide for as much flexibility as the other two choices.

Vendor code mismatch (continued)

cisco—OUI used 00000C, which provided for compatibility with future equipment.

Example:

The following example specifies Cisco's OUI form: 

interface tokenring 0

 ethernet-transit-oui cisco

Cisco and non-Cisco translational bridges in parallel

1. Check for translational bridges in parallel with the Cisco translational bridge. If there are any parallel non-Cisco translational bridges, loops will probably be created.

2. Because implementing translational bridging defeats the spanning-tree mechanism of both transparent bridging and SRB environments, you must eliminate all loops caused by inserting the translational bridge. A transparent spanning tree and a source-bridge spanning tree cannot communicate with one another.

Trying to bridge protocols that embed MAC addresses in the Information field of the MAC frame (such as IP ARP,3 Novell IPX, or AARP4 )

If MAC addresses are embedded in the Information field of the MAC frame, bridges will be incapable of reading the address. Bridges will therefore be incapable of forwarding the traffic.

1. If you are attempting to bridge this type of protocol, route the protocol instead.

2. If you still cannot communicate over the router, contact your technical support representative.

1 OUI=organizationally unique identifier

2 SNAP=Subnetwork Access Protocol

3 ARP=Address Resolution Protocol

4 AARP=AppleTalk Address Resolution Protocol


SRT Bridging: Client Cannot Connect to Server

Symptom: Clients cannot communicate over a router configured to perform SRT bridging. Packets are not forwarded by the SRT bridge.

SRT bridging enables you to implement transparent bridging in Token Ring environments. It is not a means of translating between SRB on a Token Ring and transparent bridging on Ethernet (or other) media.

Table 10-8 outlines the problems that might cause this symptom and describes solutions to those problems.

Table 10-7 SRT Bridging: Client Cannot Connect to Server 

Possible Problem
Solution

Trying to bridge frames containing RIF from Token Ring network to Ethernet network over an SRT bridge

Use translational bridging instead of SRT bridging to allow SRB-to-transparent bridging translation.

Because SRT bridging works only between Ethernet and Token Ring, any packet containing a RIF is dropped when SRT bridging is used.

Attempting to transfer large frame sizes

Problems will occur if Token Ring devices transmit frames exceeding the Ethernet MTU1 of 1500 bytes. Configure hosts on the Token Ring to generate frame sizes less than or equal to the Ethernet MTU.

Trying to bridge protocols that embed the MAC address in the Information field of the MAC frame (such as IP ARP, Novell IPX, or AARP)

If MAC addresses are embedded in the Information field of the MAC frame, bridges will be incapable of reading the address. Bridges will therefore be incapable of forwarding the traffic.

1. If you are attempting to bridge this type of protocol, route the protocol instead.

2. If you still cannot communicate over the router, contact your technical support representative.

Media problem

Verify the line using the show interfaces exec command. If the interface or line protocol is down, troubleshoot the media. For LAN media, refer to the chapter that covers your media type.

1 MTU=maximum transmission unit


SDLC: Router Cannot Communicate with SDLC Device

Symptom: Router cannot communicate with an IBM SDLC device.

Table 10-9 outlines the problems that might cause this symptom and describes solutions to those problems.

Table 10-8 SDLC: Router Cannot Communicate with SDLC Device 

Possible Problem
Solution

Physical layer problem

1. Use the show interfaces exec command to determine whether the interface and line protocol are up.

2. If the interface and line protocol are both up, troubleshoot link-layer problems, as described later in this table.

3. If the output does not indicate that the interface up and the line protocol up, make sure that the device is powered on. Make sure that all cabling is correct, securely connected, and undamaged. Make sure that the cabling does not exceed the recommended length for the speed of the connection.

Physical layer problem (continued)

4. If the interface or line protocol is still down, use a breakout box to check the signals on the line.

Note: On some Cisco platforms, such as the Cisco 7500 running a recent Cisco IOS release, the output of the show interfaces command will indicate the state of line signals.

If the router is full-duplex DCE,1 check for DTR2 and RTS.3 If these signals are not high, proceed to Step 5. If these signals are high, the interface should be up. If it is not, contact your technical support representative.

On a Cisco 7500, if the breakout box shows that the DTR and DTS signals are high, but the show interfaces command shows that they are not, check the router cabling. In particular, make sure that the 60-pin high-density cable is not plugged in to the router upside-down.

If the router is half-duplex DCE, check for DTR. If DTR is not high, proceed to Step 5. If DTR is high, the interface should be up. If it is not, contact your technical support representative.

Note: Half-duplex is not supported on Cisco 7000 series routers.

If the router is full- or half-duplex DTE, check for CD. If CD is not high, proceed to Step 5. If CD is high, the interface should be up. If it is not, contact your technical support representative.

5. If the router is full-duplex DCE, make sure that the device is configured for permanent RTS high. If the device does not allow you to configure permanent RTS, set the signal high by strapping DTR from the device side to RTS on the router side (see Figure 10-5).

6. If the router is DCE, it may be required to provide clock to the device. Make sure that the