Layer 2 Switch Troubleshooting
I felt like my last set of notes for the Troubleshooting Toolbox had information that that was hidden in the command output. The output is for myself to play with the commands, however, I don’t want useful information hidden. So I am going to try a different setup with this set of notes and possibly an entirely different format for the next set until I find something that is easy for me to go back and study. Bear with me.
Commands for troubleshooting MAC addresses:
sh mac address-t dyn — Whether or not a host is communicating with the switch.
clear mac address-t dyn — Clear the MAC address address of dynamically learned mac addresses.
show mac-address-table dynamic
Shows the MAC addresses learned by a switch and it’s port. Useful to see whether or not a switch is learning the mac of a host, if the MAC address is not in the table, the problem is upstream from the current switch.
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0012.d9a5.1515 DYNAMIC Po13
1 0012.d9a5.1516 DYNAMIC Po13
10 0000.0c07.ac0a DYNAMIC Po13
10 0004.dd69.fd01 DYNAMIC Fa0/2
10 0012.d9a5.1516 DYNAMIC Po13
10 0012.d9a5.1545 DYNAMIC Po13
10 0018.1825.2546 DYNAMIC Po13
10 00d0.bbef.64c1 DYNAMIC Fa0/1
200 0012.d9a5.1516 DYNAMIC Po13
20 0004.76f2.4ee8 DYNAMIC Po13
20 0012.d9a5.1516 DYNAMIC Po13
20 0018.1825.2547 DYNAMIC Po13
Total Mac Addresses for this criterion: 12
clear mac address-table dynamic
Clear out the table. This way you know a mac address was learned recently. Notice in this sample that the hosts on fa0/1 and 2 had not yet been learned in the first sh mac address-table command.
ASW1#sh mac address-table dynamic
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0012.d9a5.1515 DYNAMIC Po13
1 0012.d9a5.1516 DYNAMIC Po13
10 0000.0c07.ac0a DYNAMIC Po13
10 0012.d9a5.1516 DYNAMIC Po13
10 0012.d9a5.1545 DYNAMIC Po13
10 0018.1825.2546 DYNAMIC Po13
10 00d0.bbef.64c1 DYNAMIC Fa0/1
200 0012.d9a5.1516 DYNAMIC Po13
20 0012.d9a5.1516 DYNAMIC Po13
20 0018.1825.2547 DYNAMIC Po13
Total Mac Addresses for this criterion: 10
ASW1#clear mac-address-table dynamic
ASW1#sh mac address-table dynamic
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0012.d9a5.1516 DYNAMIC Po13
10 0000.0c07.ac0a DYNAMIC Po13
10 0012.d9a5.1516 DYNAMIC Po13
200 0012.d9a5.1516 DYNAMIC Po13
20 0012.d9a5.1516 DYNAMIC Po13
Total Mac Addresses for this criterion: 5
Commands to troubleshoot VLANs:
sh vlan
sh vlan br
sh int tru
sh int fa0/1 swi
show vlan
Allows you to verify a VLAN exists and shows which ports belong ti which VLANs.
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/21, Fa0/23, Fa0/24, Gi0/1
Gi0/2
10 VLAN0010 active Fa0/1, Fa0/2
20 20Testing active
21 SPAN active
200 200Test active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
21 enet 100021 1500 - - - - - 0 0
200 enet 100200 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
21
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
show int trunk
Which ports or trunk ports and what vlans are allowed.
Port Mode Encapsulation Status Native vlan
Po13 on 802.1q trunking 1
Po23 on 802.1q trunking 1
Port Vlans allowed on trunk
Po13 1-4094
Po23 1-4094
Port Vlans allowed and active in management domain
Po13 1,10,20-21,200
Po23 1,10,20-21,200
Port Vlans in spanning tree forwarding state and not pruned
Po13 1,10,20-21,200
Po23 none
show int switchport
Displays summary information about a port.
Name: Fa0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 10 (VLAN0010)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
Etherchannel:
Ehterchannel binds multiple physical interfaces into one logical interface.
Commands to troubleshoot etherchannel:
I include couple of sh run commands because it is most common to have configuration errors when working with etherchannel as you are dealing with multiple switches.
sh etherchannel
sh etherchannel 13 summary
sh int po [13]
sh run int po [13]
sh run | inc chann
show etherchannel 13 summary
A good way to see the protocol and ports in an etherchannel.
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 2
Number of aggregators: 2
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
13 Po13(SU) PAgP Fa0/19(P) Fa0/20(P)
show etherchannel
Show a brief output of the etherchannels configured on the switch.
Channel-group listing:
----------------------
Group: 13
----------
Group state = L2
Ports: 2 Maxports = 8
Port-channels: 1 Max Port-channels = 1
Protocol: PAgP
Group: 23
----------
Group state = L2
Ports: 2 Maxports = 16
Port-channels: 1 Max Port-channels = 1
Protocol: LACP
show int port-channel 13
Shows the typical sh int output.
Port-channel13 is up, line protocol is up (connected)
Hardware is EtherChannel, address is 0013.c36a.4894 (bia 0013.c36a.4894)
MTU 1500 bytes, BW 200000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Full-duplex, 100Mb/s, media type is 10/100BaseTX
input flow-control is off, output flow-control is unsupported
Members in this channel: Fa0/19 Fa0/20
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:14:22, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 3000 bits/sec, 5 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
9393687 packets input, 891352406 bytes, 0 no buffer
Received 8753356 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 8749154 multicast, 0 pause input
0 input packets with dribble condition detected
1294089 packets output, 112429676 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
sh run int po13ASW1#sh run int po13
Current configuration : 93 bytes
!
interface Port-channel13
switchport trunk encapsulation dot1q
switchport mode trunk
end
sh run | inc chann
interface Port-channel13
interface Port-channel23
channel-group 13 mode desirable
channel-group 13 mode desirable
channel-group 23 mode active
channel-group 23 mode active
Thanks, D information was rather helpful, but i have a challenge. After configuring etherchannel on 2 switchports(see config below) i noticed dat none of them are in the port-channel.
interface FastEthernet0/19
description link_01
switchport access vlan 3
switchport mode access
speed 100
duplex full
no cdp enable
lacp port-priority 1
channel-group 4 mode active
!
interface FastEthernet0/20
description link_02
switchport access vlan 3
switchport mode access
speed 100
duplex full
no cdp enable
channel-group 4 mode active
the mode access was because the link is connected to an E1 converter.
see result of sh int po4
sh int port-channel 4
Port-channel4 is down, line protocol is down (notconnect)
Hardware is EtherChannel, address is 0000.0000.0000 (bia 0000.0000.0000)
Description: Coporeti
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Auto-duplex, Auto-speed, link type is auto, media type is unknown
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of “show interface” counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
what cud be the problem and ow do i fix it?
awaiting your response.
I apologize for not answering you sooner. We went to Europe to visit family and I went to watch some of the Tour de France.
If I were you I would check to make sure you have layer 1 connectivity first.
Here is my setup. Cat1 and Cat2 are connected over port 23 and 24 on both switches.
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
...output omitted for brevity...
Cat2 Fas 0/23 138 S I WS-C3550-4Fas 0/23
Cat2 Fas 0/24 138 S I WS-C3550-4Fas 0/24
And the cdp neighbor from the other side, just for kicks.
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Cat1 Fas 0/23 133 S I WS-C3550-2Fas 0/23
Cat1 Fas 0/24 132 S I WS-C3550-2Fas 0/24
Now I know I have connectivity because I see it through CDP neighborship.
So let’s look at the config.
Building configuration...
!
interface Port-channel4
switchport access vlan 3
switchport mode access
!
interface FastEthernet0/23
switchport access vlan 3
switchport mode access
channel-group 4 mode active
!
interface FastEthernet0/24
switchport access vlan 3
switchport mode access
channel-group 4 mode active
And on Cat2.
Building configuration...
!
interface Port-channel4
switchport access vlan 3
switchport mode access
!
interface FastEthernet0/23
switchport access vlan 3
switchport mode access
channel-group 4 mode active
!
interface FastEthernet0/24
switchport access vlan 3
switchport mode access
channel-group 4 mode active
And it is up as well.
Channel-group listing:
----------------------
Group: 4
----------
Group state = L2
Ports: 2 Maxports = 16
Port-channels: 1 Max Port-channels = 1
Protocol: LACP
And more.
Port-channel4 is up, line protocol is up (connected)
Hardware is EtherChannel, address is 0013.c36a.4898 (bia 0013.c36a.4898)
MTU 1500 bytes, BW 200000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Full-duplex, 100Mb/s, media type is 10/100BaseTX