There are a variety of different techniques that are recommended for troubleshooting network problems. The idea is to isolate the error to a network device, fix the problem and verify that network connectivity is restored. Optionally, you can start with a Ping to the destination and quickly verify there is Layer 3 connectivity.
OSI Layer Approach
Host TCP/IP address settings are displayed with Windows ipconfig /all command output. Network administrator can verify the MAC address and operational status of network interface card (NIC) as well. The following is a list of common points to check when troubleshooting network errors.
- Host TCP/IP settings are correct.
- Host is on a common subnet with the default gateway assigned.
- DHCP is enabled for hosts.
- Static routes exist in both directions when no dynamic routing exists.
- Any ACL that is filtering application ports.
Operational vs Administrative
Operational status is the running state of a network device. Administrative status is how the device is configured. The operational status confirms for example that an interface is up, switch port mode or routing table entries. They are listed with various IOS show commands from CLI.
Network Interface States
There is no routing available unless Layer 1 and Layer 2 is working correctly on any network device. The possible interface states for network interfaces are up/up, up/down and administratively down / administratively down. The normal status of an Ethernet interface is up/up. The shutdown command would change interface status to administratively down. It is not possible to have line protocol in up state when the interface (Ethernet) is down (down/up).
Interface = Layer 1, Line protocol = Layer 2
switch# show interfaces fastethernet1/1
Ethernet 1/1 up, Line Protocol up (normal state)
Typical Interface Errors
Layer 1 = cabling, switch configuration mismatch (speed/duplex)
Layer 2 = encapsulation mismatch, spanning tree, clocking errors
Cisco switch interfaces that are in err-disabled state cannot send or receive frames and are essentially shutdown. The cause is either operational or a configuration mismatch. The following are some typical causes of a network interface in err-disabled state:
- Duplex mismatch
- Port security violation
- EtherChannel mismatch
- UDLD errors
- BPDU guard
- Interface flapping
Gigabit Ethernet interface support full-duplex as a default setting. Network traffic is sent simultaneously in both directions to double the bandwidth available. That eliminates collisions and creates a collision domain per interface. The fact that there are no collisions increase throughput and decreases network latency.
Gigabit Ethernet eliminates collisions unless there is a configuration error or hardware issue. Collisions are caused most often when there is a duplex mismatch on connected interfaces. In addition collisions can occur when there is a bad network interface card (NIC) or cabling error. The switch increments collision counter error after sending 512 bits of a frame. Cisco recommends auto-negotiation (auto/auto) duplex setting on all switch interfaces to minimize network errors.
Duplex mismatches with a neighbor interface cause collisions, input errors, CRC error and slower performance. The cause of collisions on a broadcast domain (VLAN) instead of interfaces are typically the result of duplex mismatches and faulty network interface card (NIC). The most common cause of CRC and runts is collisions. Giant frames result from either a bad NIC card or an MTU configuration error
Cisco devices support both static trunk interfaces and DTP enabled dynamic trunking. There is no support for speed and duplex commands or auto-negotiation on newer 10 Gbps switch interface. The following are common causes of trunking errors:
- Native VLAN mismatch
- Access mode configured
- VLAN pruning
- Duplex / speed mismatch
- Incorrect DTP mode
The following IOS show command displays the operational status of trunk interfaces for troubleshooting purposes:
switch# show interfaces trunk
The following interface settings must match on all member switch ports assigned to an EtherChannel bundle. The channel-group number (1-48) bundles a port/s to a logical interface or port channel. Gigabit interfaces only support full-duplex traffic.
- Duplex = half | full | auto
- Speed = 10 | 100 | 1000 | auto
- Protocol (PAgP, LACP or static)
- Switch port mode (access or trunk)
- VLAN membership
- STP configuration
- VLANs allowed (for trunk interfaces)
- Native VLAN (for trunk interfaces)
VLAN Trunking Protocol (VTP)
- Configure all switch uplink ports to trunk mode
- Designate at least one VTP server
- Configure all switches with the same VTP domain name
- Configure all switches with the same domain password
- VTP server or transparent mode is required to configure VLANs