Table Of Contents
Troubleshooting LAN Switching Environments
Transparent Bridging Algorithm
How to Learn About These Features
General Switch Troubleshooting Suggestions
Troubleshooting Port Connectivity Problems
Troubleshooting Ethernet 10/100-Mb
Half-/Full-Duplex AutonegotiationTroubleshooting Ethernet Autonegotiation Between Network Infrastructure Devices
Example of Configuring and Troubleshooting Ethernet 10/100-Mb Autonegotiation
Before Calling Cisco Systems' TAC Team
ISL Trunking on Catalyst 5000 and 6000 Family Switches
Troubleshooting ISL Trunking on Catalyst 5000 and 6000 Family Switches
Example of Configuring and Troubleshooting ISL Trunking on Catalyst 5000 and 6000 Family Switches
Possible Combinations of DTP Configurations
Before Calling Cisco Systems' TAC Team
Configuring EtherChannel Switch-to-Switch Connections on Catalyst 4000/5000/6000 Switches
Tasks for Manually Configuring EtherChannel
Verifying the EtherChannel Configuration
Using PAgP to Automatically Configure EtherChannel (Preferred Method)
Waiting Too Long Before Configuring the Other Side
Showing What Happens When a Link Breaks and Is Restored
Using PortFast and Other Commands to Fix End-Station Startup Connectivity Problems
How to Reduce Startup Delay on the Catalyst 4000/5000/6000 Switch
Timing Tests with and Without DTP, PAgP, and PortFast on a Catalyst 5000
How to Reduce Startup Delay on the Catalyst 2900XL/3500XL Switch
Timing Tests on the Catalyst 2900XL
How to Reduce Startup Delay on the Catalyst 1900/2800 Switch
Timing Tests on the Catalyst 1900
An Additional Benefit to PortFast
Commands to Use for Verifying That the Configuration Is Working
Commands to Use for Troubleshooting the Configuration
Configuring and Troubleshooting IP Multilayer Switching
Troubleshooting IP MLS Technology
Before Calling Cisco Systems' TAC Team
Troubleshooting Spanning-Tree Protocol and Related Design Considerations
Spanning-Tree Protocol Failure
Awkward STP Parameter Tuning and Diameter Issues
Use the Diagram of the Network
Restore Connectivity Quickly and Be Ready for Another Time
Designing STP to Avoid Trouble
Minimize the Number of Blocked Ports
Keep STP Even If It Is Not Needed
Keep Traffic Off the Administrative VLAN, and Avoid Having a Single VLAN Spanning the Entire Network
Troubleshooting LAN Switching Environments
The sections in this chapter describe common LAN switch features and offer solutions to some of the most common LAN switching problems. The following items will be covered:
•
LAN Switching Introduction
•
•
•
•
•
•
•
•
•
LAN Switching Introduction
If you are new to LAN switching, then the following sections will take you through some of the main concepts related to switches. One of the prerequisites to troubleshooting any device is to know the rules under which it operates. Switches have become much more complex over the last few years as they have gained popularity and sophistication. The next few paragraphs describe some of the key concepts to know about switches.
Hubs and Switches
Because of the great demand placed on local-area networks, we have seen a shift from a shared-bandwidth network, using hubs and coaxial cable, to a dedicated bandwidth network, using switches. A hub allows multiple devices to be connected to the same network segment. The devices on that segment share the bandwidth with each other. If it is a 10-Mb hub and six devices are connected to six different ports on the hub, all six devices would share the 10 Mb of bandwidth with each other. A 100-Mb hub would share 100 Mb of bandwidth among the connected devices. In terms of the OSI model, a hub would be considered a Layer 1 (physical layer) device. It hears an electrical signal on the wire and passes it along to the other ports.
A switch can physically replace a hub in your network. A switch allows multiple devices to be connected to the same network, just like a hub does, but this is where the similarity ends. A switch allows each connected device to have dedicated bandwidth instead of shared bandwidth. The bandwidth between the switch and the device is reserved for communication to and from that device alone. Six devices connected to six different ports on a 10-Mb switch would each have 10 Mb of bandwidth to work with, instead of sharing that bandwidth with the other devices. A switch can greatly increase the available bandwidth in your network, which can lead to improved network performance.
Bridges and Switches
A basic switch would be considered a Layer 2 device. When we use the word layer, we are referring to the seven-layer OSI model. A switch does not just pass electrical signals along, like a hub does; instead, it assembles the signals into a frame (Layer 2) and then decides what to do with the frame. A switch determines what to do with a frame by borrowing an algorithm from another common networking device, a transparent bridge. Logically, a switch acts just like a transparent bridge would, but it can handle frames much faster than a transparent bridge (because of special hardware and architecture). When a switch decides where the frame should be sent, it passes the frame out the appropriate port (or ports). You can think of a switch as a device creating instantaneous connections between various ports, on a frame-by-frame basis.
VLANs
Because the switch decides on a frame-by-frame basis which ports should exchange data, it is a natural extension to put logic inside the switch to allow it to select ports for special groupings. This grouping of ports is called a virtual local-area network (VLAN). The switch makes sure that traffic from one group of ports never gets sent to other groups of ports (which would be routing). These port groups (VLANs) can each be considered an individual LAN segment.
VLANs are also described as being broadcast domains. This is because of the transparent bridging algorithm, which says that broadcast packets (packets destined for the "all devices" address) should be sent out all ports that are in the same group (that is, in the same VLAN). Therefore, all ports that are in the same VLAN are also in the same broadcast domain.
Transparent Bridging Algorithm
The transparent bridging algorithm and the Spanning-Tree Protocol are covered in more detail elsewhere (see Chapter 20, "Troubleshooting Transparent Bridging Environments"). When a switch receives a frame, it must decide what to do with that frame. It could ignore the frame, it could pass the frame out one other port, or it could pass the frame out many other ports.
To know what to do with the frame, the switch learns the location of all devices on the segment. This location information is placed in a CAM table (Content Addressable Memory, named for the type of memory used to store these tables). The CAM table shows, for each device, the device's MAC address, out which port that MAC address can be found, and which VLAN this port is associated with. The switch continually does this learning process as frames are received into the switch. The switch's CAM table is continually being updated.
This information in the CAM table is used to decide how a received frame should be handled. To decide where to send a frame, the switch looks at the destination MAC address in a received frame and then looks up that destination MAC address in the CAM table. The CAM table shows which port the frame should be sent out for that frame to reach the specified destination MAC address.
These are the basic rules that a switch will use in carrying out the frame forwarding responsibility:
If the destination MAC address is found in the CAM table, then the switch will send the frame out the port that is associated with that destination MAC address in the CAM table. This is called forwarding.
If the associated port to send the frame out is the same port on which the frame originally came in, then there is no need to send the frame back out that same port, and the frame is ignored. This is called filtering.
If the destination MAC address is not in the CAM table (the address is unknown), then the switch will send the frame out all other ports that are in the same VLAN as the received frame. This is called flooding. It will not flood the frame out the same port on which the frame was received.
If the destination MAC address of the received frame is the broadcast address (FFFF.FFFF.FFFF), then the frame is sent out all ports that are in the same VLAN as the received frame. This is also called flooding. The frame will not be sent out the same port on which the frame it was received.
Spanning-Tree Protocol
As we have seen, the transparent bridging algorithm floods unknown and broadcast frames out all the ports that are in the same VLAN as the received frame. This causes a potential problem. If the network devices running this algorithm are connected in a physical loop, then flooded frames (such as broadcasts) will be passed from switch to switch, around and around the loop forever. Depending on the physical connections involved, the frames may actually multiply exponentially as a result of the flooding algorithm, which can cause serious network problems.
There is a benefit to having a physical loop in your network: It can provide redundancy. If one link fails, there is still another way for the traffic to reach its destination. To allow the benefits derived from redundancy, without breaking the network because of flooding, a protocol called the Spanning-Tree Protocol was created. It was standardized in the IEEE 802.1d specification.
The purpose of the Spanning-Tree Protocol is to identify and temporarily block the loops in a network segment or VLAN. The switches run the Spanning-Tree Protocol, which involves electing a root bridge or switch. The other switches measure their distance from the root switch. If there is more than one way to get to the root switch, then there is a loop. The switches follow the algorithm to determine which ports should be blocked to break the loop. STP is dynamic; if a link in the segment fails, then ports that were originally blocking may possibly be changed to forwarding mode.
Trunking
Trunking is a mechanism that is most often used to allow multiple VLANs to function independently across multiple switches. Routers and servers may use trunking as well, which allows them to live simultaneously on multiple VLANs. If your network has only one VLAN in it, then you may never need trunking; if your network has more than one VLAN, however, you will probably want to take advantage of the benefits of trunking.
A port on a switch normally belongs to only one VLAN; any traffic received or sent on this port is assumed to belong to the configured VLAN. A trunk port, on the other hand, is a port that can be configured to send and receive traffic for many VLANs. It accomplishes this by attaching VLAN information to each frame, a process called "tagging" the frame. Also, trunking must be active on both sides of the link; the other side must be expecting frames that include VLAN information for proper communication to occur.
Different methods of trunking exist, depending on the media being used. Trunking methods for Fast Ethernet or Gigabit Ethernet are Inter-Switch Link (ISL) or 802.1q. Trunking over ATM uses LANE. Trunking over FDDI uses 802.10.
EtherChannel
EtherChannel is a technique that can be used when you have multiple connections to the same device. Instead of having each link function independently, EtherChannel groups the ports together to work as one unit. It distributes traffic across all the links and provides redundancy in case one or more links fail. EtherChannel settings must be the same on both sides of the links involved in the channel. Normally, the Spanning-Tree Protocol would block all these parallel connections between devices because they are loops; however, EtherChannel runs "underneath" Spanning-Tree Protocol so that the protocol thinks that all the ports within a given EtherChannel are only a single port.
Multilayer Switching
Multilayer switching (MLS) refers to the capability of a switch to forward frames based on information in the Layer 3 (and sometimes Layer 4) header. This usually applies to IP packets, but now it also can occur for IPX packets. The switch learns how to handle these packets by communicating with one or more routers. Using a simplified explanation, the switch watches how the router processes a packet, and then the switch takes over processing future packets in this same flow. Traditionally, switches have been much faster at switching frames than routers, so to have them offload traffic from the router can result in significant speed improvements. If something changes in the network, the router can tell the switch to erase its Layer 3 cache and build it from scratch again as the situation evolves. The protocol used to communicate with the routers is called Multilayer Switching Protocol (MLSP).
How to Learn About These Features
These are just some of the basic features that switches support. More are being added every day. It is important to understand how your switches work, which features you are using, and how those features should work. One of the best places to learn this information about Cisco switches is on Cisco's web site.
Go to www.cisco.com; under the section "Service & Support," select Technical Documents. From here, select Documentation Home Page to find documentation sets for all Cisco products. The "Multilayer LAN Switches" link will lead you to documentation for all Cisco LAN switches. To learn about the features of a switch, read the "Software Configuration Guide" for the particular release of software that you use. The software configuration guides give you background information about what the feature does and what commands to use to configure it on your switch. All this information is free on the web; you do not even need an account for this documentation because it is available to anyone. Some of these configuration guides can be read in an afternoon and are well worth the time spent.
Another part of Cisco's web site is populated by Cisco's Technical Assistance Center (TAC). It is filled with information designed to help you implement, maintain, and troubleshoot your network. Go to the TAC web site at: www.cisco.com/tac; from here, you can select Products Home Page to get detailed support information organized by specific products, or you can go to the Technologies Home Page to get support information on technology (Fast Ethernet, Spanning-Tree Protocol, trunking, and so on). TAC documents and online tools specific to LAN Technologies are here: www.cisco.com/warp/customer/473/. Some of the material on the TAC web site, and, in particular, the online tools, are accessible only to users with a Cisco support contract.
General Switch Troubleshooting Suggestions
Many ways exist by which to troubleshoot a switch. As the features of switches grow, the possible things that can break also increase. If you develop an approach or test plan for troubleshooting, you will be better off in the long run than if you just try a hit-and-miss approach. Here are some general suggestions for making your troubleshooting more effective:
•
•
•
•
Troubleshooting Port Connectivity Problems
If the port doesn't work, nothing works! Ports are the foundation of your switching network. Some ports have special significance because of their location in the network and the amount of traffic that they carry. These ports would include connections to other switches, routers, and servers. These ports can be more complicated to troubleshoot because they often take advantage of special features such as trunking and EtherChannel. The rest of the ports are significant as well because they connect the actual users of the network.
Many things can cause a port to be nonfunctional: hardware issues, configuration issues, and traffic issues. Let's look at these categories a little deeper.
Hardware Issues
This section discusses issues related to general hardware requirements, copper, and fiber.
General
Port functionality requires two working ports connected by a working cable (assuming that it is of the correct type). Most Cisco switches default to having a port in notconnect state, which means that it is currently not connected to anything but is willing to connect. If you connect a good cable to two switch ports in the notconnect state, the link light should become green for both ports, and the port status should be "connected," which means that the port is up as far as Layer 1 is concerned. The following paragraphs point out items to check if Layer 1 is not up.
Check the port status for both ports involved. Make sure that neither port involved in the link is shut down. The administrator could have manually shut down one or both ports. Software inside the switch could have shut down the port because of configuration error conditions (we will expand on this later). If one side is shut down and the other is not, the status on the enabled side will be notconnect (because it does not sense a neighbor on the other side of the wire). The status on the shut-down side would say something like "disable" or "errDisable" (depending on what actually shut down the port). The link will not come up unless both ports are enabled.
When you hook up a good cable (again, assuming that it is of the correct type) between two enabled ports, both ports should show a green link light within a few seconds. Also, the port state should show "connected" in the command-line interface (CLI). At this point, if you do not have link, your problem is limited to three things: the port on one side, the port on the other side, or the cable in the middle. In some cases, other devices are involved: media converters (fiber-to-copper, and so on), or, on Gigabit links, you may have gigabit interface connectors (GBICs). Still, this is a reasonably limited area to search.
Media converters can add noise to a connection or weaken the signal if they are not functioning correctly. They also add extra connectors that can cause problems, so this is another component to debug.
Check for loose connections. Sometimes a cable appears to be seated in the jack, but it actually isn't; unplug the cable and re-insert it. You should also look for dirt or broken or missing pins. Do this for both ports involved in the connection.
The cable could be plugged into the wrong port, which commonly happens. Make sure that both ends of the cable are plugged into the ports where you really want them.
You also can have a link on one side and not on the other. Check both sides for link. A single broken wire can cause this type of problem.
A link light does not guarantee that the cable is fully functional. It may have encountered physical stress that causes it to be functional at a marginal level. Usually you will notice this if the port has lots of packet errors.
To determine whether the cable is the problem, swap it with a known good cable. Don't just swap it with any other cable; make sure that you swap it with a cable that you know is good and is of the correct type.
If this is a very long cable run (underground, across a large campus, for example), then it would be nice to have a sophisticated cable tester. If you do not have a cable tester, you might consider the following:
•
•
•
Copper
Make sure that you have the correct cable for the type of connection you are making. Category 3 cable can be used for 10 MB UTP connections, but Category 5 should be used for 10/100 connections.
A straight-through RJ-45 cable is used for end stations, routers, or servers to connect to a switch or hub. An Ethernet crossover cable is used for switch-to-switch or hub-to-switch connections. Below is the pin-out for an Ethernet crossover cable. Maximum distances for Ethernet or Fast Ethernet copper wires are 100 meters. A good general rule of thumb is that when crossing an OSI layer, such as between a switch and a router, use a straight-through cable; when connecting two devices in the same OSI layer, such as between two routers or two switches, use a crossover cable. For purposes of this rule only, treat a workstation like a router.
Figure 23-1 shows the pinouts required for a switch-to-switch crossover cable.
Figure 23-1 Illustration of the Pinouts Required for a Switch-to-Switch Crossover Cable
Fiber
For fiber, make sure that you have the correct cable for the distances involved and the type of fiber ports being used (single mode, multimode). Make sure that the ports being connected are both single-mode or both multimode ports. Single-mode fiber generally reaches 10 km, and multimode fiber can usually reach 2 km, but the special case of 100BaseFX multimode used in half-duplex mode can go only 400 meters.
For fiber connections, make sure that the transmit lead of one port is connected to the receive lead of the other port, and vice versa; transmit-to-transmit and receive-to-receive will not work.
For gigabit connections, GBICs must be matched on each side of the connection. There are different types of GBICs, depending on the cable and distances involved: short wavelength (SX), long wavelength/long haul (LX/LH), and extended distance (ZX). An SX GBIC needs to connect with an SX GBIC; an SX GBIC will not link with an LX GBIC. Also, some gigabit connections require conditioning cables, depending on the lengths involved. Refer to the GBIC installation notes (for examples, see www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/cnfg_nts/ethernet/5399_01.htm).
If your gigabit link will not come up, check to make sure that the flow control and port negotiation settings are consistent on both sides of the link. There could be incompatibilities in the implementation of these features if the switches being connected are from different vendors. If in doubt, turn off these features on both switches.
Configuration Issues
Another cause of port connectivity issues is incorrect software configuration of the switch. If a port has a solid orange light, it means that software inside the switch shut down the port, either by way of the user interface or by internal processes.
Make sure that the administrator has not shut down the ports involved (as mentioned earlier). The administrator could have manually shut down the port on one side of the link. This link will not come up until you re-enable the port; check the port status.
Some switches, such as the Catalyst 4000/5000/6000, may shut down the port if software processes inside the switch detect an error. When you look at the port status, it will read "errDisable." You must fix the configuration problem and then manually take the port out of errDisable state. Some newer software versions—CatOS 5.4(1) and later—have the capability to automatically re-enable a port after a configurable amount of time spent in the errDisable state. Some of the causes for this errDisable state are listed here:
•
•
•
•
•
•
Another cause of inactive ports occurs when the VLAN to which the ports belong disappears. Each port in a switch belongs to a VLAN. If that VLAN is deleted, then the port will become inactive. Some switches show a steady orange light on each port in which this has happened. If you come to work one day and see hundreds of orange lights, don't panic; it could be that all the ports belonged to the same VLAN and someone accidentally deleted the VLAN to which the ports belong. When you add the VLAN back into the VLAN table, the ports will become active again because a port remembers its assigned VLAN.
If you have a link and the ports show that they are connected, but you cannot communicate with another device, this can be particularly perplexing. It usually indicates a problem above the physical layer: Layer 2 or Layer 3. Try the actions suggested in the next paragraphs.
Check the trunking mode on each side of the link. Make sure that both sides are in the same mode. If you turn the trunking mode to on (as opposed to auto or desirable) for one port, and the other port has the trunking mode set to off, the ports will not be capable of communicating. Trunking changes the formatting of the packet; the ports must be in agreement as to what format they are using on the link, or they will not understand each other.
Make sure that all devices are in the same VLAN. If they are not in the same VLAN, then a router must be configured to allow the devices to communicate.
Make sure that your Layer 3 addressing is correctly configured.
Traffic Issues
In this section, we describe some of the things you can learn by looking at a port's traffic information. Most switches have some way to track the packets going in and out of a port. Commands that generate this type of output on the Catalyst 4000/5000/6000 switches are show port and show mac. Output from these commands on the 4000/5000/6000 switches is described in the switch command references.
Some of these port traffic fields show how much data is being transmitted and received on the port. Other fields show how many error frames are being encountered on the port. If you have a large amount of alignment errors, FCS errors, or late collisions, this may indicate a duplex mismatch on the wire. Other causes for these types of errors may be bad network interface cards or cable problems. If you have a large number of deferred frames, it is a sign that your segment has too much traffic; the switch is not capable of sending enough traffic on the wire to empty its buffers. Consider removing some devices to another segment.
Switch Hardware Failure
If you have tried everything you can think of and the port will not work, there might be faulty hardware.
Sometimes ports are damaged by electrostatic discharge (ESD). You may or may not see any indication of this.
Look at the power-on self-test (POST) results from the switch to see whether any failures are indicated for any part of the switch.
If you see behavior that can be considered "strange," this could indicate hardware problems, but it could also indicate software problems. It is usually easier to reload the software than it is to get new hardware. Try working with the switch software first.
The operating system might have a bug. Loading a newer operating system could fix this. You can research known bugs by reading the release notes for the version of code that you are using or by using Cisco's Bug Navigator tool (www.cisco.com/support/bugtools).
The operating system could have somehow become corrupted. Reloading the same version of the operating system could fix the problem.
If the status light on the switch is flashing orange, this usually means that there is some kind of hardware problem with the port or the module or the switch. The same thing is true if the port or module status indicates "faulty."
Before exchanging the switch hardware, you might try a few things:
•
•
•
•
Troubleshooting Ethernet 10/100-Mb
Half-/Full-Duplex AutonegotiationThis section presents general troubleshooting information and a discussion of techniques for troubleshooting Ethernet autonegotiation.
•
•
Introduction
Autonegotiation is an optional function of the IEEE 802.3u Fast Ethernet standard that enables devices to automatically exchange information over a link about speed and duplex capabilities.
Autonegotiation is targeted at ports, which are allocated to areas where transient users or devices connect to a network. For example, many companies provide shared offices or cubes for account managers and system engineers to use when they are in the office rather than on the road. Each office or cube will have an Ethernet port permanently connected to the office's network. Because it may not be possible to ensure that every user has either a 10-Mb, a 100-Mb Ethernet, or a 10/100-Mb card in their laptops, the switch ports that handle these connections must be capable of negotiating their speed and duplex mode. The alternative would be to provide both a 10-Mb and a 100-Mb port in each office or cube and then label them accordingly.
Autonegotiation should not be used for ports that support network infrastructure devices such as switches and routers, or other nontransient end systems such as servers and printers. Although autonegotiation for speed and duplex is normally the default behavior on switch ports that are capable of it, ports connected to fixed devices should always be configured for the correct behavior rather than allowed to negotiate it. This eliminates any potential negotiation issues and ensures that you always know exactly how the ports should be operating. For example, a 10/100BaseTX Ethernet switch-to-switch link that has been configured for 100 Mb full-duplex will operate only at that speed and mode. There is no possibility for the ports to downgrade the link to a slower speed during a port reset or a switch reset. If the ports cannot operate as configured, they should stop passing any traffic. On the other hand, a switch-to-switch link that has been allowed to negotiate its behavior could end up operating at 10 Mb half-duplex. A nonfunctional link is usually easier to discover than a link that is operational but not operating at the expected speed or mode.
One of the most common causes of performance issues on 10/100-Mb Ethernet links is one port on the link operating at half-duplex mode while the other port is operating at full-duplex mode. This occasionally happens when one or both ports on a link are reset and the autonegotiation process doesn't result in the same configuration for both link partners. It also happens when users reconfigure one side of a link and forget to reconfigure the other side. Many performance-related support calls will be avoided by creating a policy that requires ports for all nontransient devices to be configured for their required behavior and enforcing the policy with adequate change control measures.
Troubleshooting Ethernet Autonegotiation Between Network Infrastructure Devices
Figure 23-2 show the process you should follow in troubleshooting Ethernet autonegotiation between network infrastructure devices.
Figure 23-2 Troubleshooting Ethernet Autonegotiation
Procedures and Scenarios
Figure 23-3 shows a scenario using Cat 5k to Cat 5k, using Fast Ethernet.
Figure 23-3 Scenario 1: Cat 5K to Cat 5K, Using Fast Ethernet
Example of Configuring and Troubleshooting Ethernet 10/100-Mb Autonegotiation
This section walks you through examining the behavior of a 10/100-Mb Ethernet port that supports autonegotiation. It will also show how to make changes to its default behavior and how to restore it to the default behavior.
Tasks That Will Be Performed
In this section, you'll perform these tasks:
•
•
•
•
•
•
•
•
•
•
•
•
The following steps are performed on the console of a Catalyst 5K switch.
Step 1
Enter this command for both of the ports that you are troubleshooting. Both ports must support the speed and duplex capabilities shown here if they are supposed to be using autonegotiation.
The italic text in the output shows where the information on the speed and duplex mode capabilities will be found.
Switch-A> (enable) show port capabilities 1/1Model WS-X5530Port 1/1Type 10/100BaseTXSpeed auto,10,100Duplex half,fullStep 2
Switch-A> (enable) set port speed 1/1 autoPort(s) 1/1 speed set to auto detect.Switch-A (enable)
Note
Step 3
Switch-A> (enable) show port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- ------------1/1 connected 1 normal a-full a-100 10/100BaseTXSwitch-B> (enable) show port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- -----------1/1 connected 1 normal a-full a-100 10/100BaseTXThe italic text in this output shows where the information on the current status of a port can be found. Note that most of the normal output from the show port {mod_num/port_num} command has been omitted.
The "a-" prefixes on the "full" and "100" indicate that this port has not been hard-coded (configured) for a specific duplex mode or speed. Therefore, it is willing to autonegotiate its duplex mode and speed if the device it is connected to (its link partner) is also willing to autonegotiate its duplex mode and speed.
Also note that the status shows "connected" on both ports, which means that a link pulse has been detected from the other port. The status can show "connected" even if duplex has been incorrectly negotiated or misconfigured.
Step 4
Switch-A> (enable) set port speed 1/1 10Port(s) 1/1 speed set to 10Mbps.Switch-A> (enable)
Note
When a port has been configured for a speed, its duplex mode will automatically be configured for the mode that it had previously negotiated—in this case, full duplex. Therefore, entering the set port speed 1/1 10 command caused the duplex mode on port 1/1 to be configured as if the command set port duplex 1/1 full had also been entered. This is explained in the next step.
Step 5
The absence of the "a-" prefix in the status fields of the output from the show port 1/1 command on Switch A shows that the duplex mode is now configured for full-duplex operation, and the speed is now configured for 10 Mb.
Switch-A> (enable) show port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- ------------1/1 connected 1 normal full 10 10/100BaseTXStep 6
Switch-B> (enable) show port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- ------------1/1 connected 1 normal a-half a-10 10/100BaseTXThis step shows that it is possible for a link partner to detect the speed at which the other link partner is operating, even though the other link partner is not configured for autonegotiation. Sensing the type of electrical signal that is arriving to see if it is 10 Mb or 100 Mb does this. This is how Switch B determined that port 1/1 should be operating at 10 Mb.
It is not possible to detect the correct duplex mode in the same way that the correct speed can be detected. In this case, where Switch B's 1/1 port is configured for autonegotiation and Switch A's is not, Switch B's 1/1 port was forced to select the default duplex mode. On Catalyst Ethernet ports, the default mode is autonegotiate and, if autonegotiation fails, then is half-duplex.
This example also shows that a link can be successfully connected when there is a mismatch in the duplex modes. Port 1/1 on Switch A is configured for full-duplex operation, while port 1/1 on Switch B has defaulted to half-duplex operation. To avoid this, always configure both link partners.
The "a-" prefix on the Duplex and Speed status fields does not always mean that the current behavior was negotiated. Sometimes it means only that the port has not been configured for a speed or duplex mode.
The previous output from Switch B shows the Duplex field as "a-half" and the Speed field as "a-10," which indicates that the port is operating at 10 Mb in half-duplex mode. In this example, however, the link partner on this port (port 1/1 on Switch A) is configured for full-duplex mode and 10 Mb. Therefore, it was not possible for port 1/1 on Switch B to have autonegotiated its current behavior. This proves that the "a-" prefix indicates only a willingness to perform autonegotiation, not that autonegotiation actually took place.
Step 7
%CDP-4-DUPLEXMISMATCH:Full/half duplex mismatch detected o1
It is important to note that this message is created by the Cisco Discovery Protocol (CDP), not the 802.3 autonegotiation protocol. CDP can report problems that it discovers, but it typically doesn't automatically fix them.
A duplex mismatch may or may not result in an error message. Another indication of a duplex mismatch is rapidly increasing FCS and alignment errors on the half-duplex side, and "runts" on the full-duplex port (as seen in a sh port {mod_num/port_num}).
Step 8
%PAGP-5-PORTFROMSTP:Port 1/1 left bridge port 1/1%PAGP-5-PORTTOSTP:Port 1/1 joined bridge port 1/1Step 9
Switch-A> (enable) set port duplex 1/1 halfPort(s) 1/1 set to half-duplex.Switch-A> (enable)The show port 1/1 command shows the change in the duplex mode on this port.
Switch-A> (enable) sh port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- ------------1/1 connected 1 normal half 10 10/100BaseTXAt this point, ports 1/1 on both switches are operating at half-duplex mode. Port 1/1 on Switch B, however, is still configured to autonegotiate, as shown in the following output of the show port 1/1 command.
Switch-B> (enable) show port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- ------------1/1 connected 1 normal a-half a-10 10/100BaseTXThe next step shows how to configure the duplex mode on port 1/1 in Switch B to half-duplex mode. This is in keeping with the recommended policy of always configuring both link partners in the same way.
Step 10
Here is the output of entering the set port duplex 1/1 half command on Switch B:
Switch-B> (enable) set port duplex 1/1 halfPort 1/1 is in auto-sensing mode.Switch-B> (enable)The set port duplex 1/1 half command failed because this command won't work if autonegotiation is enabled. This also means that this command will not disable autonegotiation. Autonegotiation can be disabled only by using the set port speed {mod_num/port_num {10 | 100}} command.
Here is the output of entering the set port speed 1/1 10 command on Switch B:
Switch-B> (enable) set port speed 1/1 10Port(s) 1/1 speed set to 10 Mbps.Switch-B> (enable)Now the set port duplex 1/1 half command on Switch B will work:
Switch-A> (enable) set port duplex 1/1 halfPort(s) 1/1 set to half-duplex.Switch-A> (enable)The show port 1/1 command on Switch B shows that the ports is now configured for half-duplex mode and 10 Mb.
Switch-B> (enable) show port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- ------------1/1 connected 1 normal half 10 10/100BaseTX
Note
Step 11
Switch-A> (enable) set port speed 1/1 autoPort(s) 1/1 speed set to auto detect.Switch-A> (enable)
Note
Step 12
Switch-A> (enable) show port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- ------------1/1 connected 1 normal a-full a-100 10/100BaseTXSwitch-B> (enable) show port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- ------------1/1 connected 1 normal a-full a-100 10/100BaseTXBoth ports are now set to their default behavior of autonegotiation. Both ports have negotiated full-duplex mode and 100 Mb.
Before Calling Cisco Systems' TAC Team
Before calling Cisco Systems' Technical Assistance Center (TAC), make sure that you have read through this chapter and completed the actions suggested for your system's problem.
Additionally, do the following and document the results so that we can better assist you:
•
•
•
Additional Sources
•
ISL Trunking on Catalyst 5000 and 6000 Family Switches
This section illustrates how to create a switch-to-switch Inter-Switch Link (ISL) trunk. Trunk ports enable connections between switches to carry traffic from more than one virtual local-area network (VLAN). Without trunking, a link between two switches can carry only traffic from one VLAN.
•
•
Introduction
Trunking is not required in very simple switched networks with only one VLAN (broadcast domain). In most LANs, a small portion of traffic is made up of special protocols used for managing the network (Cisco Discovery Protocol, Virtual Trunking Protocol, Dynamic Trunking Protocol, Spanning-Tree Protocol, and Port Aggregation Protocol, to name a few examples). The management VLAN (VLAN 1) is also used when you ping or Telnet directly to or from the switch (this VLAN and the IP address of the switch are defined by configuring the sc0 interface, explained later). In a multi-VLAN environment, many network administrators advocate restricting this management traffic to its own VLAN, normally VLAN 1. User traffic is then configured to flow in VLANs other than this default VLAN.
ISL (Cisco proprietary) is one of two possible trunking protocols for Ethernet. The other protocol is the IEEE 802.1q standard.
Troubleshooting ISL Trunking on Catalyst 5000 and 6000 Family Switches
This section will walk the reader through some basic ISL trunking scenarios. The reader will learn basic ISL trunking configuration and troubleshooting skills (Figure 23-4).
Figure 23-4 Troubleshooting ISL Trunking on Catalyst 5000 and 6000 Family Switches
Procedures and/or Scenarios
Scenario: Cat 5K to Cat 5K, using Fast Ethernet for ISL trunking (Figure 23-5).
Figure 23-5
Cat 5K to Cat 5K, Using Fast Ethernet for ISL Trunking
Example of Configuring and Troubleshooting ISL Trunking on Catalyst 5000 and 6000 Family Switches
This section walks you through configuring and troubleshooting ISL trunking.
Tasks That Will Be Performed
In this section, you will perform these tasks:
•
•
•
•
•
•
•
•
•
•
•
•
•
Step-by-Step
The following steps are performed on the console of a Catalyst 5K switch.
Step 1
Use the show port capabilities {module_number}|{module_number/port_number} command on both switches to determine whether the ports that you are using support ISL. In this example, note that the port designator 1/1 has been specified at the end of the command. This limits the response to the information directly applicable to port 1/1.
Switch-A> show port capabilities 1/1Model WS-X5530Port 1/1Type 10/100BaseTXSpeed auto,10,100Duplex half,fullTrunk encap type ISLTrunk mode on,off,desirable,auto,nonegotiateChannel 1/1-2Broadcast suppression percentage(0-100)Flow control noSecurity yesMembership static,dynamicFast start yesQOS n/aRewrite noUDLD Not capableSwitch-A>Step 2
Step 3
Switch-A> (enable) show port 1/1Port Name Status Vlan Level Duplex Speed Type----- ------------------ ---------- ---------- ------ ------ ----- ------------1/1 connected 1 normal a-full a-100 10/100BaseTXSwitch-A> (enable)Step 4
Switch-A> (enable) set int sc0 172.16.84.17 255.255.255.0 172.16.84.255Interface sc0 IP address, netmask, and broadcast set.Switch-A> (enable)Step 5
Switch-A> (enable) show trunk 1/1Port Mode Encapsulation Status Native vlan-------- ----------- ------------- ------------ -----------1/1 auto isl not-trunking 1Port Vlans allowed on trunk-------- ---------------------------------------------------------------------1/1 1-1005Port Vlans allowed and active in management domain-------- ---------------------------------------------------------------------1/1 1Port Vlans in spanning tree forwarding state and not pruned-------- ---------------------------------------------------------------------1/1 1Switch-A> (enable)
Note
The trunking status should read "not-trunking" because the default mode for the Dynamic Trunking Protocol (DTP) is Auto. DTP is the strategic replacement for Dynamic ISL (DISL) because it incorporates support for 802.1q trunking negotiation. DTP is available as of version 4.x Catalyst software and certain hardware modules. The following bullets describe the five different states for which DTP can be configured.
•
•
•
•
•
On an individual trunk link, Cisco generally recommends configuring desirable trunking mode on the port nearest the network core, and auto trunking mode on the other side of the link. To hard-code trunking to be enabled, set the trunking mode on both sides to on; you will need to manually set the VLANs to be forwarded across the trunk link (use the full set trunk command) and ensure that the trunk settings are consistent on either side.
Step 6
Switch-A> ping 172.16.84.18172.16.84.18 is aliveSwitch-A>Step 7
Switch-A> (enable) set vlan 2Vlan 2 configuration successfulSwitch-A> (enable)Step 8
Switch-A> (enable) set int sc0 2Interface sc0 vlan set.Switch-A> (enable)Use the show interface command to view the change that you just made. The following output shows this being done on Switch A.
Switch-A> (enable) sh intsl0: flags=51<UP,POINTOPOINT,RUNNING>slip 0.0.0.0 dest 0.0.0.0sc0: flags=63<UP,BROADCAST,RUNNING>vlan 2 inet 172.16.84.17 netmask 255.255.255.0 broadcast 172.16.84.255Switch-A> (enable)Step 9
Guest
