- Introduction
Section, you’ll learn about Cisco router and switch basics. We’ll start off with the initial configuration of the device, where we’ll set things like IP addresses and the host name. First off, I’ll show you how to do it manually, which is the normally. And then you’ll also learn how to use the setup wizard as well. After we’ve got the initial configuration done, we’ll cover the Cisco Discovery Protocol and the Open Standard version of that LDP. Then we’ll move on to some basic layer one and troubleshooting.
2. Basic Router and Switch Configuration
You’ll learn about a basic initial configuration to put on your routers and switches. One of the first things we’ll do is configure IP addresses. Your routers provide connectivity between your different IP subnets. That’s our main job now. So the routers need to have interfaces in the different subnets, and we need to have IP addresses on those interfaces.
Those IP addresses will act as the default gateway addresses for any hosts that are in that subnet. The command to put an IP address on an interface is first off: go to the interface. So you see an example here. We’ve got a router down at the bottom. Interface-fast Ethernet on the right has an IP address of 192-168-0124, and the interface-fast Ethernet on the left has an IP address of 192-168-1124. Obviously, the IP addresses need to be for indifferent subnets that are on different interfaces.
So we get the command to do this from global configuration mode, and then we go to interface configuration mode. So the command is interface fast Ethernet zero, then to put the IP address on there, IP address space 192-1680 one, and then another space, and then the subnet mask 255-255-2550. The IP address and the subnet mask are both entered with one command, and you have to enter the subnet mask in fooled decimal notation.
You can enter slash 24 in iOS; on our routers, interfaces are shut down by default. So remember to also put in the no shutdown command to bring the interface up. So we configure interface fast efnetzero slash zero, and then we configure interface fast feet zero slash one. In our case, it receives an IP address, which is one thing. two dots, one six, eight dots, one dot, and a single subnet mask 255-255-2550 no shutdown After we have configured this, the router is going to be able to route traffic between those two networks. As well as being able to route traffic, it also gives IP connectivity to the router itself.
So after we’ve done this, we would be able to open up a telnet or SSH client like Putty and connect to the router to manage it. Obviously, this is more convenient than walking down there with a console cable and having to physically get up every time. Once you’ve got IP addresses on your router, you’ll be able to connect to those IP addresses to manage your router remotely from wherever you are. We’re also going to need an IP address on our switch to manage that as well. A layer-2 switch is no longer IP routing aware. It does, however, support a single IP address for management purposes.
So you can’t put multiple iPad addresses on alert to switch. It will only allow you to put one IP address on there, and that’s so that we can again telnet into a secure shell on the switch remotely to manage it. Unlike on our router, where we configure the IP address on an interface on a switch, on a layer-2 switch the management IP address goes on a VLAN interface, which is a virtual interface. So when we configure our VLAN interface, that’s called an SVI, a switched virtual interface, and this is going to be in VLAN 1. Now, I know we haven’t covered VLAN yet; they’re going to be configured in another section. For now, all you need to know is that the default VLAN is VLAN 1, and all of our layer 2 switch ports on a switch will be in VLAN 1 by default.
So to get management connectivity to that switch, we configure our management IP address on the virtual VLAN 1 interface. This allows us to connect to the switch from the same IP subnet where that IP address is located. But our administrators are probably going to be located somewhere else. They’re going to be on a different IP subnet. So the switch also needs to be able to get out of that subnet. So just like a normal host would need, it’s also going to need to have a default gateway, our configuration on our switch for our management IP address interface, VLAN one. Then we configure the IP address the same way. So my IP address is 109.216.80.10, and my subnet mask is 255.255.255.250. Now, on a router, interfaces are shut down by default. On a switch, interfaces are enabled by default.
So there wasn’t actually any need to do a no-shut down here. However, I have a habit of always performing a no shutdown on any interface that I configure. It doesn’t do any harm, and it saves me from having to think, “Do I need to do a no shutdown or not?” Just always do a no shutdown whenever you configure an interface; it saves you from forgetting it. Then we return to global configuration mode and configure the default gateway, which in our example is IP default gateway 192.168.0.1. So that will give us IP connectivity on the switch, and we’ll be able to ping the switch now and ping out from the switch as well.
Now, I said that this IP address is for management. We actually need to run a few more commands to allow telnet and/or SSH access to the switch. We’ll cover those in the later section, which is securing Cisco devices. So let’s take a look at how to do this in the lab. In the lab, we’ll use router Rone and configure IP address 192.168.1.01 on the physical interface fastenefonetzerozero. That’s going to be the default gateway address for our switch, which is switch one. Switch one is going to be connected to the router through the physical interface of fast Ethernet zero one, and that will be in VLAN one by default.
For the management IP address, we will configure that on the VLAN one switched virtual interface, and we’ll give the IP address one 2168 00:10. Once we’ve done that, the switch should have connectivity to one thing (21680 one. Because it’s on the same subnet, we want it to have connectivity to other subnets out through the router, though. So we’ll also configure the switch with an IP default gateway address of 1-9-21-16-80-10. kay. Let’s take a look at this in the lab. So I better configure the router first because this just got a new configuration as well. So I’ll go enable it here. configure terminal and Let me just jump back to the slide to check the IP address on here. Okay, so for the interface fast Ethernet, I’m going to give the IP address 192.168.0/24 one space and then configure the subnet mask, which is 255.255.255.25. Now, this is a router, so the interface is shut down by default. So I’ll have to remember to turn off the computer. Okay, so that’s how the router is configured.
Then, if I go on to the switch, I enable and configure the terminal. And let’s have a look at the diagram again. This was on the VLAN interface, 19216. This is not shut down by default anyway, but it doesn’t do any harm. I’m just in the habit of performing a no shutdown every time I configure my interface. Okay, so now the switch should be able to communicate with the router. Let’s double-check that. So I’ll go back down to the enable prompt, and I’ll ping 192.168.1.1, and good, we’ve got connectivity, so that’s all good. So I’ve got connectivity on my one 21680 subnet, but I want to be able to get out to other subnets as well. So I need to configure the default gateway. The command for that is ip default gateway, and the router was at 192.168.0.10. kay. So that is the initial IP connection to the A configured there. If we go back to the slides again, and I’ve made a note down here that this is how you configure the management IP address, We actually have to do some additional commands to allow access via Telnet or SSH.
I’m not going to show you that here because it’s covered in a later section, which is the Securing Cisco Devices section. But right now I’ve got IP connectivity on the switch, so I can do things like do pings out from there. The next thing we want to do for the basic configuration is configure a hostname. A descriptive host name makes it easier to identify the device. For example, I could maybe call it New York. Floor one switchboard So typically, you will specify where the switch is and maybe some other descriptive description on there as well. In the lab, I’ll simply refer to it as hostname SW 1 for switch 1. So let’s jump back into the lab again. And on my switch, right now the default hostname is just Switch.
So that’s what’s showing up on the command prompt. When I enter hostname SW 1 and press Enter, Notice that the command prompt immediately changes to show the host name. This is useful because a really common mistake is to configure the wrong device by accident. Do you understand what’s going on here? I’ve got two different tabs open. I have a tab for R and another for Switch. When working from templates, it’s all too easy to copy and paste the wrong configuration into the wrong command line. By having the host name show up here, it makes it a little bit less likely that you’re going to do that.
Okay. So it gives you a nice description. You can see what device you’re on. It will also appear as the host name if you are troubleshooting from neighboring devices. So it just makes it easy to see what’s going on. Okay, back to the slides again. The next thing we’re going to want to do is configure descriptions on our interfaces. So the fast Ethernet interface was connected to the router, so let’s put a description on there. So, back to the command line. I’ll go to interface fast Ethernet zero one, and I’ll say description link to R one. Again, this is going to be useful for troubleshooting later. If I’m doing some troubleshooting and I’m looking at the configuration on this machine, I can immediately see that interface number one is the interface that’s connected to router number one.
3. The Setup Wizard
In this lecture, you’ll learn about the setup wizard for our routers and switches. I’m using the same lab setup as before, with R1 having IP address 192.168.1.102 on interface fast Ethernet zero slash zero. We’re going to use that as the management IP address. We also have Switch One, which will have management IP address 121-68010 on VLAN One SVI, and Switch One is connected to R One via interface fast Ethernet zero one.
So let’s have a look at this in the lab. So this is what you’ll see when you first take a router out of the box. Power on and hook up a console cable. So when it’s brand new from the factory, it will automatically open up with the system configuration dialogue. Also, if you factory reset the router the next time you boot it up, this is how it will look when you boot it up. I’ve cheated a little bit here. You’ll notice that I already had the router set up already. So another way that you can invoke this setup wizard is at the enable prompt. You can use the command “set up.” So you see, that’s what I’ve done here. And when you enter set up, it will show you the prompt here in the system configuration dialog. Do you want to have a conflict?
Continue with the configuration dialog. This is what you’ll see in the message down here at the bottom when the routers first come out of the box, brand new from the factory. So you can use this to do the initial setup of the router. Basically, all it’s going to do is put a hostname on there and configure an IP address for management. To be honest, I’ve never actually seen anybody use this in the real world. Everyone will always exit here by typing “no” and then manually configure the router or switch. But you might be tested on this on the CCNA exam. So I’ll show you how to do it anyway, because in the real world, you’re probably never going to use us. Okay, so we are going to use it here. So I’ll answer yes to continuing with the configuration dialog. It then tells me it’s going to do a basic setup of the system. Would I like to enter the basic management set up?I’ll say yes. It then asks me for the host name. I’ll name this router R One.
It then requests an enable secret. This is a secret password that is encrypted and is going to be required to get into the enable prompt. It’s best practice to enable one of these. We didn’t do it in the last lecture because I’m going to show you how to secure the router in a later lecture. So for the enable secret, I’ll use the flat box one. It will then prompt me for an enable password. This is basically the same thing, but the enable password is not encrypted, so it’s not actually used.
But the Set wizard will still ask for one, so I’ll use flatbox two for that. Then it asks me for a virtual terminal password. This is the password that’s going to be used for incoming telnet or SSH sessions when I’m doing remote management over the router to the IP address. So I’ll put another password in here; after I enter my password, it will ask if I want to configure SNMP, the simple network management protocol. I’ll say no; I could configure this later if I wanted to. It will then show me the interfaces on this router and ask me which one I want to use for the management interface. As a result, I’ll go with interface fast ethernet net zero. When I choose this, this is the one that’s going to be enabled for remote management access. Do I want to operate in full duplex mode? Yes, I do. Do I want to configure the IP on the interface? Yes. I’m going to need to do that so that I’ve got an IP address to connect you for management. So I’ll say yes, and I’ll use the 192-1680 one. It will default to the class C subnet mask of 255-25-5255.
When you see an answer in brackets, it means that’s the default, and you can just hit enter to accept that. It says I’m a 255, 25, 5255, or myself type. It will then show me a summary of the commands that will be entered. So I see that it is going to enter the hostname “R.” It will configure the IP address on interface fast Ethernet without shutting down. And if I scroll down to the bottom, it will ask me if I want to save the configuration. It gives me the option to break out to the normal command prompt without saving or to go back to the start of the setup wizard. Number two will save the configuration and exit if I make a mistake in one of my entries. So I will hit two, and that is the Setup Wizard completed on R one. Let’s also do it on switch one.
So I’ve got another tab open for Switch One, and I’ll go to the enable prompt and set up to invoke the Setup Wizard. Do I want to configure the configuration dialog? Yes, very similar on switch one as well. Do I want to enter the basic management setup? Yes, enter the host name. I’ll call this switch 1. I’ll use the enable secret alternate and also an enable password, the virtual terminal password, for telnet access. Do I want to configure SNMP? Not for now. It will show me the interfaces, and this is a layer to switch. So I need to configure it on the SBI for VLAN one. Do I want to configure my IP? Yes, I’ll need that to allow remote management. And the IP address was 19216800:10; the certificate defaults to 255-255-2550. That’s fine. Do I want to enable This is a cluster command switch. No, this is not a clustered switch. I’ll say no to that. It then shows me a summary of the commands that are going to be entered. I can see. I’ve got my management IP address there on VLAN 1.
And that is completed again; it’s number two to save and exit. And to test this, I should be able to ping the router now at 192-1680 one. That works great. Okay, so good. Something you might have noticed It did not prompt me for a default gateway. So it’s not going to be able to get out to other subnets yet. So I went to global configuration and set 192.168.81 as my IP default gateway. OK, that’s it. Done. That concludes the setup wizard. I’ll end up there. And to test the management access networks, let’s try telnet 219-21-6801. That looks good. I’m getting the password prompt. So I enter the password I set, and I now have a prompt that I’ve remotely telegraphed into our one for management. Okay, that’s everything I needed to show you. There. That’s a set-up wizard again, in the real world. You’re not going to use this page there unless you really want to.
4. Speed and Duplex Settings
The next thing to talk about is interface speed and duplex. They are set to auto by default, so both sides are linked to auto and negotiate to full duplex and the fastest available speed, which you do automatically. The default is auto on Cisco devices. Best practice is to manually set the speed and duplex on ports that are connected to another network infrastructure device, such as a router, a switch, a firewall, or a server. Because if you set it manually, that’s just a little bit more reliable. To be honest with you, audio should work just fine as well. In a normal building, you’ll probably have hundreds or even thousands of PCs, so you’re not going to manually configure the speed and duplex for all of them. But you’ll have a smaller amount of network infrastructure devices and servers, and the best practice is to manually set the speed and duplex on those. It’s very important to set matching speed and duplex settings on both sides of the lake.
So you either leave both sides set to “auto” or set both sides manually. Do not have one side on auto and the other side set manually. So, for example, if you’ve got a server plugged into the switch, you could go into the switch and manually set the speed and duplex on there. If you’re not sure how to do it on the server, maybe you would just leave it on auto. That would be a big mistake. Okay, you either have to set it to manual on both sides or auto on both sides. If you set it to manual on one side and auto on the other, then that will often cause speed and duplex issues, which can bring the link down or lead to terrible performance on the link. So always do it the same on both sides. Important. OK, let’s have a look at the commands to do that. So at the interface level, duplex is either full or half, and speed is the speed of the interface.
So let’s do that in the lab again. So I’m already in the interface configuration on my switch. I will set duplex full, and this is a fast Ethernet link, so I’ll send it at speed 100, and notice that when I do that, it will bring the interface down and then bring it back up again. So right now I haven’t configured this on the router; it’s auto on one side and manual on the other. I don’t want that. So I will go on to the router, and it’s already in the interface configuration as well. And I’ll also set speed to 100 and duplex full on this side as well. Okay, back to the slides. And that was all we wanted to do for our initial configuration. After we’ve done that, we want to verify that everything is working as expected. The first command is show running configuration, which displays the entire switch configuration. So it’s very, very common to use this command either just to see what’s happening on a switch or for troubleshooting later.
So I’ll go back to the enable prompt because it’s a show command, and I can enter the shortened version Show Run, and it will print out the entire running configuration on the switch for me, and I can hit the space bar to scroll down a page at a time. If I want to break out, I can hit CTRL C. Okay, so that was a show run. Show IP Interface Brief was the next command on the slide. Between “Show Run” and “Show IP Interface Brief,” these are the two most common commands that you will run on a router or a switch.
If you’re working as a professional network engineer, it’s typical that you will run both of those commands multiple times every day. As a result, show run displays the entire configuration. Show IP Interface Brief displays the status of your interfaces as well as which IP address is assigned to which interface. So again, if you jump on a switch and you’re gathering information about it, this is a very common command to use. In this example, I can see that interface fasted finite has an IP address of 192.168.0, and the status and protocol are both up. The interface-facing one is administratively down, which means I did not perform a no shutdown on it. Okay, so that was on the router.
This command, same command, is also available on the switch. So, briefly demonstrate the IP interface. I’m going to get more output here because it’s on a switch now. There are more interfaces there. Again, it’s exactly the same output. I can see all of my interfaces that are on the device and the IP addresses that are configured on those interfaces. This is a two-layer switch. So it’s just got the VLAN-1 interface right now with an IP address on it, and I can also see the status of my interfaces. “Show run interface VLAN One” is the next verification command I can use. So on the switch again, if I do a show run, it shows the entire configuration. This can be really long, so if you just want to check the configuration for a particular interface, you can do a show run interface. Consider the fast Ethernet interface as an example.
You see it there as I’m scrolling through the show run configuration to get straight to it. I could perform a show run Interface for Fast Ethernet 0 one. and it just shows me that part of the configuration. Okay, so it’s a show-run interface that shows you the configuration you’ve manually configured on the interface. If you do a “Show Interface Fast Ethernet 0,” that will show you the Mac address on the interface and the IP address of the interface if one is configured. And it also shows you traffic statistics as well. So, if you suspect an issue with an interface, This is a useful command for troubleshooting, and it will also verify if traffic is passing through the interface or not as well.As you see in this example, we’ve had 571 packets output and 97 packets input.
So traffic is going through that interface. This command will also show you if you have any errors on the interface as well. So right now we’ve got zero input errors and zero output errors. So that’s all good. Okay, and the last command to show you here is show version, which will show you the version of iOS, the operating system that is running on the switch or browser. So I’ll do a show version, and I can see this is the version of iOS that is running on the switch. It will also give me some additional information in there as well, like how much memory is installed in the device. Okay, that was everything I wanted to show you for the initial configuration. Next lecture, we’re going to have a look at the Cisco discovery protocol and LDP.
5. CDP and LLDP
You’ll learn about the Cisco Discovery Protocol (CDP) and the Link Layer Discovery Protocol (LDP).They’re both very similar protocols. CDP (Cisco Discovery Protocol) is a Cisco proprietary layer for a protocol. It’s used to share information with other directly connected Cisco equipment, such as the operating system and the IP address. That information will be shared between connected devices. That aids in troubleshooting by allowing administrators to map out how Cisco devices are connected to each other. For example, say that you’re in New York and there is a problem in Sydney, and you don’t know about the network topology in Sydney.
Well, as long as you can jump on one device there, then you could use CDP neighbors to map out how all the other Cisco devices are connected to each other. So it’s a very useful troubleshooting tool. Even if you know what the topology should look like, you can use your CDP neighbor to check that the device is there and detected at layer 2. CDP is enabled by default on most Cisco equipment, including routers, switches, and firewalls. Even software such as Cisco Unified Communications Manager, which is used to control IP phones, as well as the IP phones themselves, will support CDP. So if you go into a switch that has the Cisco Unified Communications Manager server and IP phones plugged in there, you’ll be able to get information about those devices.
CDP works at layer 2, so it’s not necessary for the device to have an IP address on it for it to be detected by its neighbors. The commands for CDP So it’s enabled by default. If you want to disable it, you can do a no CDP run to turn it back on. Again, it’s a CDP run that’s done at global configuration. A reason you might want to disable CDP is that it can be seen as a security concern. If you’re in a highly secure environment, such as maybe in a bank, you don’t want people to be able to see what devices are plugged in there. So you could disable CDP. No CDP run will disable it globally on the device. With no CDP enabled, you can also disable CDP at the interface level. So say you’ve got a switch on the edge of your network and you want CDP enabled on the internal-facing interfaces.
You want to disable it on the external-facing interface so you don’t give up information to another organization. So you can do your CDP enablement at the interface level. Our verification commands showed will tell you whether it is enabled or not. also the timers, et cetera. And the commands that can be used to verify the attached devices are “show cdp neighbors” and “show cap neighbors detail.” Showed neighbors will provide you with a nice, concise summary view. Show CDP neighbors detail will provide more information, including the neighbors’ IP addresses. So let’s have a look at this in the lab again. So I’m back on my switch again, and I’ll show CDP to see if GDP is enabled or not. And yes, it is sending a CDP package every 60 seconds. So that is the default. If I do a show CDP neighbor, then it will show all the Cisco devices that are plugged into the switch.
So the details it gives me are the name and the host name of the device. This is another reason why it’s a good idea to assign a host name so that if you run show CDP neighbor, you’ll get a description of what that device is. I haven’t set any host names in the lab here yet, so it’s not very descriptive. It just says “a router or a switch.” Then it will show me the local interface that is connected on my side and over on the right. The port ID is the interface that is plugged into the far-side device, and it also says what the platform of that device is. So I’ve got 20 811 routers plugged into my switch, as well as 35 60 switches, to get more information. I can use “show CDP neighbour detail” to get more verbose output and see that my router has an IP address of 192.168.1.
This is useful again if you need to find out the IP address of a neighbour so that you can tell if our SSH is connected to it for troubleshooting. It also tells me the platform it’s running on (the Cisco 2000 and 811 routers), the iOS version that is running there as well, and some other similar information. If I hit the space bar, I can scroll through and see the information for the other devices as well. Okay, so that was CDP. Let’s take a look at how to disable it on an interface. So I’ll go to configure terminal and then do “show IP interface” just to see what interfaces I’ve got on here. I’ll simply turn it off on the first physical interface, which is the fast Ethernet interface. So I can go to interface configuration, interface fast, Ethernet zero one, and no CDP enable. So the switch will now stop sending out CDP information on that particular interface.
It’s still going to do it on the other interfaces, though. So usually, I would do that if this was facing an external entity. If I’m in a highly secure environment and I just want to completely disable CDP on the switch, then Alexa should go back to global configuration and do a no CDP run. When I go down to the enable prompt and type show CDP, you can see that CDP is not enabled. Okay. So that was everything I needed to tell you about CDP. I’ll go back to the slides for LLDP. So LDP is the link layer discovery protocol. This was released much later than CDP, which is a Cisco proprietary. LDP is an open standard, so it’s reported on most vendors’ devices, and it provides similar information to CDP.
It does have some differences, though. CDP will always be enabled by default on Cisco routers and switches, but with LDP, it depends on the switch and version whether it will be enabled or disabled by default. LDP is only supported on physical interfaces. CDP is also supported on virtual sub-interfaces as well. You’ll learn more about those in the VLAN section later. With LLDP, it can only discover up to one device per port. CDP is able to discover multiple devices per physical port because it supports those virtual server interfaces. and LDP can discover Linux servers. CDP cannot send commands to configure this on a Cisco router or switch to turn it on or off. At global configuration, we’ve got LLDP running and no LDP running to turn it off.
So similar to the command that we had for CDP to disable at the interface level, we do both transmit and receive separately. So there was no LDP transmit to disable sending out information, and no LLDP receive to disable receiving information. Our verification commands are again similar to CDP. Show LLDP will show if it’s enabled or not, show LDP neighbors will show a summary of our neighbors, and show LLDP neighbors detail will show more verbose output, including the IP addresses configured on those devices. Okay, so that’s everything I needed to tell you about CDP and LDP. See you in the next class.
6. Basic Layer 1 and 2 Troubleshooting
Check that there’s not a mismatch there. The next command is show interface. If the interface is reporting an unusually high number of errors, it could be a layer one or layer two issue. Check the integrity of the cable. Check that there are no problems with the cable. Again, check that your administrative configuration matches on both sides of the link. So here’s an example of a Show interface command. If you just select Show Interface and hit Enter, you’ll get a really long output because it will show you the command for every single interface in the router or switch. So usually, we’ll do a show interface and then specify the interface like we’ve done here. For Fast Ethernet zero two here, we can see that it’s set to full duplex, and the speed is 100 MB per second. We’ve got no input errors and no output errors.
So that’s a good sign. I showed you the full duplex and the speed on this slide because that’s going to come in on the next slide. Now, a possible error you can have is speed and duplex mismatches on your interfaces if you’ve got incorrect speed settings that can cause the interface to operate below its maximum speed. For example, if one side is set to auto and the other is set to manual, or if both sides are set to auto and it doesn’t manage to negotiate correctly, that can cause an incorrect speed setting where it’s going to run below the optimal speed. If you’ve got a speed mismatch where you’ve manually configured the speed on both sides of the link, that will typically bring the interface down. If you’ve got a duplex mismatch, the interface will typically stay up, but you’ll get terrible performance because you’ll have loads of collisions on the interface. If you do a show interface command, that will typically report a really high number of errors in that case, which should give you a clue as to what the problem is.
As we said in the earlier lecture, both sides of the Alink must be set to the same speed and duplex. Have you ever set both sides to configure themselves automatically or manually? You don’t need to do that for all parts. So, for example, in one switch, maybe part one is set manually, and the device on the other side has to be set manually. Part two could be to set auto. The device on the other side of that link should also be set to auto. Your Cisco devices will default to auto. If one side is set to auto and the other is manually configured, it will often result in a mismatch. Set them both to the same value. The best practise is to manually configure ports attached to other network infrastructure devices or servers.
So your routers, your switches, your firewalls, etc. to have those configured manually. Also, your servers will host your normal PCs. We’re going to have a lot of those. We’ll typically leave that set to auto. Again, remember, if you configure it manually, do both sides of the link. If a device has issues with auto-negotiating speed or duplex, then manually configuring both sides will normally solve that problem. If you do have a duplex mismatch, then the CDP-Cisco Discovery Protocol should detect that and unlock it like you see in the example here. We’ve got a duplex mismatch discovered on fast Ethernet. Zero slash zero, not half-duplex.
7. Basic Layer 1 and 2 Troubleshooting – Lab Demo
Alright, let’s have a look at those troubleshooting commands in the lab. So I’m back in the lab here, and I’ve got switch one connected to router one on the switch side. It’s on fast Ethernet interface zero. Interface fast efnetero. Let’s just confirm that. So I’ll do a showrunner face-first zero on the switch, and I’ve put a description in there. It’s linked to R One. I haven’t configured any other settings on there, so they’re all at default. If I do a show IP interface brief, I can see that. I’ve got my VLAN One interface configured with IP address 19216, my router is at 192.168.1.81, and Fast Ethernet is up, so that all looks good. So I should be able to ping the router.
Let’s try pinging 192.168.1.100, and the ping is fine. Okay, let’s have a look and see what happens if a device on the other side is down. So I’ll go on to R 1. Let’s just verify we’re going to configure the correct interface or do a show on Interface Fast Ethernet Zero Slash Zero, and I’ve got my description there. It’s the link to switch one; it’s IPS 18116 with auto speed and duplexer.
So, on here, I’m going to go to global configuration, interface fast Ethernet zero, and shutdown. Actually, just before I do it, let’s do a new Show IP interface brief here as well. And we already know, because it was good on the other side, that fasting zero is up, so it’s all good. We can also see the IP address there. So I’m still in that interface configuration. Let’s shut down the interface now, and I should get a verification message. I can see the interface going down. I’ll press the up arrow a few times to bring up my do show IP interface brief. And I’ll see now that on interface fast finite, the status has now changed to “administratively down,” because I’ll shut down that interface if I jump. Back onto the switch now, and I’ll do a show IP interface brief again on here.
I will see the interface quickly. The zero has now changed to down because the interface has been shut down on the other side. So when you see “down,” that usually indicates a layer-one issue. Either the cable isn’t securely connected on both sides or the device on the other side is powered down, or just that particular interface on the other side is powered down. Okay, so that’s how we check that. Next up, let’s check out the speed and duplex settings. I just showed you the show interface command, but we’re here as well. You saw this in an earlier lecture, so that will give you information and an interface. I’ll tell you whether it’s up or not. The Mac address’s IP address will show up here as well. It also provides interface statistics, which I can use to determine whether or not traffic is passing through the interface. I can also see the number of errors on there. Okay, so yeah, let’s have a look at the speed and duplex. So I’ll do a show run for interface fast zero-one again, and the speed and duplex are not separate, so it’s going to default to auto. If I do a show interface fast zero slash one, I can see that the speed and duplex are set to auto.
OK, let’s have a look at ours as well. So I’ll do a show run interface fast zero slash zero on here, and it will show that the speed and duplex are set to auto. And if I show interface fast zero slash zero, I can see auto duplex and auto speed again. I can also see that the speed it’s running at is 100, so it’s running at 100 megabits per second. The kinds of issues that we can have here Let’s jump back on to switch one again, and I’ll go to the interface configuration, which was for fast zero-slash one, and I’m going to set the speed to 10 on this side, and I’ll go on to Rona and I’ll set the speed to 100 here. So I’ve got a speed mismatch now, and if I jump back onto the switch and do a show IP interface brief, I can see that on interface fast Ethernet zero slash one, it’s now at down, indicating that the speed mismatch has caused the interface to go down. If I run the same command on R1, I get a brief display of the IP interface but fail to bring it up. Okay, let’s fix that.
So, interface fast zero slash zero and no shut. And now I’ll do a “show IP interface brief,” which does have the speed mismatch, and I can see under the router side that it’s up and down. So this interface has got a problem; it’s not going to be passing traffic. So it was up and down on the router side, and if we have a look on the switch side, I can see that it is down and down on the site. So if you have a speed mismatch, then that’s going to cause an issue. It will typically bring the interface down typically. So let’s fix that. I will set it to 100 on this side as well. So it matches on both sides now, and I’ll just flatten the link. So I’ll do a shot and then a no-shot to bring it down and then back up again. And now if I do a show IP interface brief, I can see that the interface is now back up, so I fixed the problem and the interface is working again.
Okay, so that was a speed mismatch. Now let’s change the duplex. So on switch one, I’ll set the duplex to half, and on the router, I’ll set the duplex to full. I’ll go back to the switch again, and it might take a few seconds, but CDP should tell me that there is a duplex mismatch. There it is now. So I get the CDP warning message about the duplex mismatch. You’re only going to see this if you’re connected over a console connection by default, not by telnet, but you could view it if you did a show log. If I do, I do show the IP interface in brief, and I can see that the interface stays up in this case. So if you have a speed mismatch, it will bring the interface down. If you have a duplex mismatch, it will leave the interface open. But what’s going to happen is that you’re going to get terrible performance over that link now because you’re going to have loads of collisions on there. So, if you have that issue, make sure you set it to the same on both sides. So I’ll set my switch to duplex fool. And on my router, I’ll also set it to duplex full, and that’s all my problems solved again. Okay, so that was our Layer 1 and Layer 2 basic troubleshooting commands. Again, remember speed and duplex. Make sure it’s the same on both sides. OK, thank you. See you in the next class.