Cisco IOS Commands – Using Extended Ping For Network Troubleshooting
by Francis Teo on September 1, 2009
in Cisco IOS Commands
The extended ping command is a very important part of any network engineer’s Cisco IOS commands knowledge. Many beginners do not know how to use this command effectively, but it is definitely a must-know and can isolate many network issues. In this post, I’ll go through some of the most important and useful parameters of this command:
Target IP address
The target IP address is the IP you want to send the ping/ICMP packet to. This is fairly straightforward, but one important note that if this IP is not routable from this router, you won’t be able to reach it, and will get no replies. The next step would be to do a traceroute to further isolate the issue.
Repeat count
Some physical line problems might only show up upon repeated ping tests. If it’s an intermittent issue, it’s best to put a larger number to simulate a stress test in order to ensure that there are no issues. For example, 1,000 or 10,000 packets might be a suitable number.
Datagram size
For stress test purposes, you can put a larger number in the datagram size to test for larger packets. It is not recommended to put a datagram size larger than the maximum MTU size of all the routers along the routing path as this would mean the packets would be fragmented (unless you are testing whether fragmentation is working properly). For an TCP/IP network running on ethernet, a good datagram size to use is 1500.
Some issues might also only show up with larger datagram sizes. These are usually related to some fragmentation issue along the way. It makes sense to test with larger datagram sizes as well as small ones in order to be sure.
Source address or interface
This part of the extended ping command is very useful to test whether it’s a routing issue or a switching issue. If you reach the directly connected router for a problematic host, and pings are successful when sourced from a directly connected interface (but not from another interface which is not directly connected), it usually indicates a routing configuration or process issue on that router, since no routing is needed for directly connected interfaces.
I hope you’ve found this post on Cisco IOS commands useful. Do subscribe to my RSS feed or follow me on twitter (@savvynetcert) for the latest updates.
Cheers,
Francis (SavvyNetCert.Com – @savvynetcert on Twitter)
Cisco IOS Commands – Using The Show Interface Cisco IOS Command For Troubleshooting Network Issues
by Francis Teo on August 29, 2009
in Cisco IOS Commands
Mastery of Cisco IOS commands is a very important part of the CCNA test and is also essential for anybody who is serious about a career in computer networks. Of all the commands, the most crucial are those you should have at the tips of your fingers when something goes wrong and you are suddenly called upon to troubleshoot. Every so often, the issue is related to a switchport and it is important to know how to use the show interface Cisco IOS command properly. If there is a network issue regarding slowness or disconnects, here are a 6 things you should be looking at when you check on the output of the “show interface” Cisco IOS command:
1. Is the physical port and line protocol up? If you don’t have layer 1 and layer 2 connectivity, there is no way any IP packet is going through this port.
2. Any duplex mismatch issues? Duplex mismatch could lead to slowness and errors in the network. If the speed does not match, the port won’t even come up.
3. Any QoS drops? If you have a QoS policy in place, it might be shaping and policing the traffic and dropping the packets. In this case, you might need to either rework your QoS policies, or advise the user about the high traffic levels.
4. What are the traffic levels, is this normal? You can check the input and output rates to see if this is normal for this time of day.
5. Any CRC or other input errors? Input and CRC errors could signify a physical problem with the port or cabling.
6. Any output errors or collisions? Output errors could also indicate a physical issue with the port or cabling. A full-duplex connection should have no collisions while it is quite normal for a half-duplex port to have collisions.
Cheers,
Francis (SavvyNetCert.Com)
P.S. Still preparing for your CCNA? Have you seen our CCNA book comparison chart?
Cisco IOS Commands – Show Command Filters (Part 2)
by Francis Teo on July 29, 2009
in Cisco IOS Commands
This is a continuation from the first part of this series on show command filters. Please read part 1 on show command filters if you haven’t already.
Cisco IOS Command – Section Filter
The section filter Cisco IOS command is only available in newer Cisco IOS versions but is very useful should you have it available. In older versions of Cisco IOS, if you wanted to view the EIGRP routing configuration, the fastest way is to run the “show run | b router eigrp” command, which would have the following output, with the unnecessary parts of the configuration shown as well.
Router#sh run | b eigrp 999
router eigrp 999
network 10.0.0.0
no auto-summary
eigrp router-id 10.0.1.1
!
ip forward-protocol nd
!
ip http server
no ip http secure-server
[Extra Lines Not Shown]
When you use the section filter, it only shows the EIGRP routing configuration, as below:
Router#sh run | s eigrp 999
router eigrp 999
network 10.0.0.0
no auto-summary
eigrp router-id 10.0.1.1
Router#
This is a great time saver, and is extremely useful especially if you need to troubleshoot and are pressed for time.
P.S. I created a handy chart comparing the various CCNA books. Click on the link to compare and buy now.
Cheers,
Francis (SavvyNetCert)
Cisco IOS Command Tip – How To Use Show Command Filters Effectively
by Francis Teo on July 28, 2009
in Cisco IOS Commands
Cisco IOS Command Filters – Why You Need Them
For the beginning and CCNA network engineer, we spend a lot of time looking at the running configuration of the Cisco IOS router or switch. Filters are an extremely useful part of the Cisco IOS command line and every network engineer should be able to use them effectively as they save a lot of time when used properly. If you want to get your CCNA certification and be an effective network engineer, you should know this.
Ciso IOS Command Filters – Available In Cisco IOS
There are several show command filters for the Cisco IOS Command, which are usually used in conjunction with the “show run” and “show start” commands to view parts of the configuration.
Router#sh run | ?
append Append redirected output to URL (URLs supporting append operation
only)
begin Begin with the line that matches
exclude Exclude lines that match
include Include lines that match
redirect Redirect output to URL
section Filter a section of output
tee Copy output to URL
The most common filters to use with this Cisco IOS command are include and exclude, which return only the lines of the configuration which contain the specified word. For example,
Router#sh run | i interface
interface FastEthernet0/0
interface FastEthernet0/1
A more interesting use of this Cisco command would be to combine the filters, like as follows.
Router>sh ip nat trans | i Pro|15.0.0.1
Pro Inside global Inside local Outside local Outside global
--- 15.0.0.1 192.168.10.1 --- ---
Router>
In the above Cisco IOS command example, this is used to show both the header row as well as filter for a particular address in the NAT translation status output.
To Be Continued…
In a 2nd part of this post, I’ll be writing about the section filter. Do subscribe to my RSS feed to make sure you don’t miss it.
Cheers,
Francis (@SavvyNetCert)
Cisco IOS Command Tip – A Quick Way to Wipe The Cisco Router Configuration For Your CCNA Lab
by Francis Teo on July 26, 2009
in Cisco IOS Commands
Very often when you are practicing for the CCNA exam in your home lab, you may want to reset the configuration to the “factory” state in order to reconfigure it from scratch. This is an excellent way to practice as deployment tasks usually are done on fresh devices shipped from Cisco. I have a CCNA tip which will save you a lot of time.
One of the quickest Cisco IOS commands to do this is to issue the “wr erase” command which will remove the configuration. After that issue a “wr mem” and reload the router just to be sure. This will restore your CCNA Lab environment to the factory default. This is an extremely dangerous command, please do exercise caution if this is being done on a live network.
Router#wr erase
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
Router#
There you have it, an extremely quick way to reset the router to factory configuration. Note that there is a caveat on Cisco Catalyst switch platforms, as this command does not wipe out the VLAN database (vlan.dat), which is stored on flash. You need to delete the file manually, if not upon reload, you might find that the VLANs are mysteriously still there.
Switch#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Switch#
I hope you found this useful. Please feel free to subscribe to my RSS feed or follow me on twitter (@savvynetcert).
Cheers,
Francis (@savvynetcert)
[Update 27 Jul 2009: Formatting for commands]
Cisco IOS Command Tip – Showing ACLs Applied On An Interface
by Francis Teo on July 26, 2009
in Cisco IOS Commands
ACLs are a very important topic for the CCNA exam and any CCNA network engineer needs to understand how to use them well. I’m not a big fan of doing “show run” when there alternative commands available, especially if they can be run without privileged access. I mentioned in a previous post about the 3 Command Line Habits a CCNA network engineer should have, and staying out of enable mode (unless necessary) is one of them.
One of the tasks we often need to do is to find out what ACLs are applied to an interface. Often many novice network engineers would do this:
Router#sh run int fa1/0
Building configuration...Current configuration : 137 bytes ! interface FastEthernet1/0 description External Link no switchport ip address 15.0.0.1 255.255.255.0 ip access-group MY-ACL in end
Showing the running configuration of an interface requires you to be in enable mode and what the router (or switch, as the case may be) will need to actually generate the runtime configuration and display it.
A faster way would be to do this (this may not work in older versions of IOS):
Router>sh ip int fa1/0
FastEthernet1/0 is up, line protocol is down
Internet address is 15.0.0.1/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is MY-ACL
Of course, we are also able to view the ACL with the associated line numbers without entering privileged mode.
Router>sh ip access MY-ACL
Extended IP access list MY-ACL
10 permit ip 20.0.0.0 0.0.0.255 15.0.0.0 0.0.0.255
20 deny ip any any log
Router>
Hope that this has been a useful tip. Please help me by filling out this survey and letting know what you need to know. Please subscribe to my RSS feed so you won’t miss any new posts.
Cheers,
Francis (@savvynetcert)
Cisco IOS Command Tips and Tricks – 3 Command Line Habits a CCNA Network Engineer Should Have
by Francis Teo on July 23, 2009
in Cisco IOS Commands
Whether or not you’ve still in the process of CCNA preparation or are already working as a CCNA certified network engineer, it’s best to form good command line habits as early as possible. Even with many GUI configuration tools, most Cisco network engineers still spend a lot of time in the Cisco IOS command-line interface. For many tasks, it’s simply much faster to use the command-line. The below 3 habits and associated Cisco IOS commands are essential for any networks engineer. The earlier you start doing these, the better. A good place to start would be at your home lab (if you have one).
Always Save Your Configuration
After doing any configuration to the Cisco IOS router and switch, and verifying that the configuration change was good, the configuration should be saved to the startup configuration. Please note that (most) configuration changes take place almost immediately, however in case of power loss or in the rare event that your device crashes, you’ll want the device to have the latest configuration. The command used in most CCNA preparation books and CCNA materials is “copy running-configuration startup-configuration” or “copy run start” for short.
One extremely useful tip here is that the older command “wr” and “wr mem” almost always works and is much easier to type and to remember to do (see below). However please note that the “wr” commands are not available when you are attempting the actual CCNA test and are doing the simulation questions in the test.
Router#wr
Building configuration...
[OK]
Router#
Router#wr ?
core Write Core File
erase Erase NV memory
memory Write to NV memory
mib-data Write MIB persistence data to NV memory
network Write to network TFTP server
terminal Write to terminalRouter#wr
Always Backup Your Configuration
By backing up your configuration I mean to copy the running configuration off the network device. In terms of data redundancy you should always have a copy of the configuration somewhere else. The easiest way to do this is via TFTP. Various free TFTP servers are available for all platforms.
Stay Out of Enable Mode – Unless Necessary
All network engineers should be careful when entering privileged mode in the Cisco IOS command-line interface. One thing I have seen CCNA network engineers do is to make going into and staying in enable mode a habit. In my opinion, this is extremely dangerous as you are allowed to execute practically any command in privileged mode. A typical network engineer would be logged into several devices at once. To safeguard against the possibility that you accidentally copy and paste text (while in enable mode), you should make it a habit to exit enable mode once you are done executing any command that require that level of access. The command to do this is “disable“.
Router#
Router#enable
Router#disable
Router>
P.S. I created a handy chart comparing the various CCNA books. Click on the link to compare and buy now.
Cheers,
Francis (Twitter – @savvynetcert)
Cisco IOS Command Tip – Extremely Useful Show Interface Cisco IOS Commands
by Francis Teo on July 22, 2009
in Cisco IOS Commands
To become an effective Cisco network engineer, it is extremely important to master Cisco IOS commands. Of these, the various show interface commands are the most commonly executed by any typical Cisco network engineer (at least those who know what they are doing!) If you work in an environment where speed is critical, this is even more important. When a network issue is reported, I’ll most likely use one of the below commands on the directly connected switch or router to do a basic check before looking at anything else.
show interface description
The sh int desc Cisco IOS command is the one i use most often on Cisco IOS whenever I need to do a quick check on router and switch interfaces. This command works on both routers and switches. It shows a summary of all the interfaces, their status (both physical and protocol) as well as the description. If you named the interfaces properly when setting this up, you can quickly identify if this is likely due to a cabling fault or perhaps something else. Below is a sample of the output. Please note that this command is undocumented (will not show up on the IOS contextual help) in many versions of IOS, however it does work on most of the IOS versions released in the past few years.
Router#sh int desc
Interface Status Protocol Description
Fa0/0 admin down down To Provider A
Fa0/1 admin down down To Provider B
Fa1/0 up down
Fa1/1 up down
show interface status
The sh int status command is another very useful Cisco IOS command. This shows the status (connected/notconnect), the VLAN, speed and duplex settings as well as type of switchport. This command only works on switchport interfaces (on Cisco Catalyst switches as well as switchport modules on Cisco routers). Very useful when you need to check if the VLAN has been configured correctly as well as whether there are any speed/duplex mismatch or other issues.
Router#sh int status
Port Name Status Vlan Duplex Speed Type
Fa1/0 notconnect 1 auto auto 10/100BaseTX
Fa1/1 notconnect 1 auto auto 10/100BaseTX
Fa1/2 notconnect 1 auto auto 10/100BaseTX
I hope you found this CCNA tip useful. Please feel free to subscribe to my RSS feed or follow me on twitter (@savvynetcert) for more CCNA tips and tricks and CCNA materials.
Cheers,
Francis (SavvyNetCert.Com)
Cisco IOS Command Overview – Network Address Translation (NAT)
by Francis Teo on July 21, 2009
in Cisco IOS Commands
Cisco IOS Command Overview – Show IP NAT translation
Frustrated because you cannot understand NAT? Was just reading a blog post on NAT and was reminded how much difficultly I had with Network Address Translation (NAT) when I was just starting out on my career as a Cisco networks engineer. First off, the official Cisco notes – How NAT works. Feeling confused after reading it? For most part the official Cisco notes well as the CCNA books I recommended in the previous posts are excellent resources. However, one of the most confusing topics for the beginning CCNA networks engineer are the 4 crucial NAT terms – inside local, inside global, outside local and outside global. One of the items you must definitely master for your CCNA preparation is definitely NAT, as NAT is one of the features that is extremely well used when you are a CCNA networks engineer.
After NAT has been configured correctly (please see the excellent blog post I mentioned above to find out how), you’ll issue the sh ip nat trans Cisco IOS command to display the translation table, in order to verify that NAT has been configured correctly. These 4 terms are used to refer to specific IP addresses (and port numbers) involved in the translation. To understand NAT correctly, it is important to understand what they mean.
It is a good practice to configure the interface facing the internal network as “nat inside” and the interface facing the external network as “nat outside“. The below 2 diagrams show what the addresses are at various points in the NAT process.
Network Address Translation
Network Address Translation - Outgoing Packet
For outgoing packets:
- Inside Local – This is the untranslated source address
- Outside Local – This is the untranslated destination address
- Inside Global – This is the translated source address
- Outside Global – This is the translated destination address
Network Address Translation - Incoming Traffic
For incoming traffic (to make this easier to understand the diagram depicts return traffic):
- Outside Global – This is the untranslated source address
- Inside Global – This is the untranslated destination address
- Outside Local – This is the translated source address
- Inside Local – This is the translated destination address
I hope this has been helpful. Please follow me on twitter (@savvynetcert) and drop me a note to let me know if you liked this post. Feel free to subscribe to my RSS feed and so you won’t miss a single post.
Cheers,
Francis (SavvyNetCert.Com)
