Network maintenance and troubleshooting methods.
Switching :
If everything else seems to be ok, make sure there’s no VACL!
When using PAgP make sure at least one of the switches is using desirable mode or in case of LACP make sure one switch is in active mode.
Check if your frame-relay network supports broadcast or not. Configure EIGRP to use unicast or change your frame-relay configuration to support broadcast traffic.
Split horizon prevents the advertisement of a prefix out of the interface where we learned it on.
Don’t block OSPF multicast addresses 224.0.0.5 and 224.0.0.6 (DR/BDR).
Make sure you use the same subnet mask on routers that are directly connected to each other
Make sure you use the same OSPF authentication type and password between routers.
Make sure your OSPF routers agree on the same area number.
Make sure your OSPF routers use the same area type.
The broadcast and non-broadcast network types require a DR/BDR election. Make sure one of the routers gets elected.
The keyword broadcast means we can send broadcast and multicast traffic down the PVC.
Make sure you understand all the OSPF network types and their requirements.
You can not advertise what you don’t have!
If you want to advertise a default route with OSPF you need to have a default route in your routing table or use the “always” keyword.
Use the administrative distance to prevent or allow the installation of prefixes in your routing table(s) and use the metric to select the best path.
Use the correct command for OSPF summarization.
Make sure the BGP routers can reach each other, that BGP packets are sourced from the correct interface and in case of EBGP don’t forget to use the multihop command.
If you see classful networks in your BGP table you might have auto-summary enabled.
IBGP neighbor adjacencies have to be full mesh! Another solution would be by using a route-reflector or confederation.
If you use IP helper make sure the DHCP server knows how to reach the subnet where the client is located.
OSPFv3 for IPv6 has the same requirements to form a neighbor adjacency as OSPFv2 for IPv4. Apply your “IPv4 OSPF” knowledge to solve neighbor adjacency issues.
Make sure you use the correct 6to4 tunnel IPv6 addresses.
Network maintenance includes:
•Troubleshooting network problems.
• Hardware and software installation/configuration.
• Monitoring and improving network performance.
• Planning for future network growth.
• Creating network documentation and keeping it up-to-date.
• Ensuring compliance with company policies.
• Ensuring compliance with legal regulations.
• Securing the network against all kind of threats.
Tasks can be performed in following ways:
1. Structured tasks.
2. Interrupt-driven tasks.
Network Maintenance models:
FCAPS:
Fault management.
Configuration management.
Accounting management.
Performance management.
Security management.
ITIL: IT Infrastructure Library is a set of practices for IT services management that
focuses on aligning IT services with the needs of a business.
TMN: Telecommunications Management Network is another maintenance model that
was created by the ITU-T (Telecommunications Standardization Sector) and is a
variation of the FCAPS model. TMN targets management of telecommunications
networks.
Cisco Life Cycle Services: Of course Cisco has it's own network maintenance model
which defines the different phases in the life of a Cisco network:
Prepare
Plan
Design
Implement
Operate
Optimize
Tools for Troubleshooting
NTP
Syslog
SNMP
Wireshark
SPAN(Switched Port Analyzer)
RITE(Route IP Traffic Export)
Here are the severity levels:
0. Emergencies
1. Alerts
2. Critical
3. Errors
4. Warnings
5. Notifications
6. Informational
7. Debugging
Check your interfaces and see if they show as up/up.
Check if an interface is in err-disabled and if so:
A) check why this happened and
B) solve the problem.
Not seeing err-disabled doesn’t automatically mean there are no port-security issues.
The default violation mode for port security is shutdown which will put the
interface in err-disabled mode. The restrict mode will keep the interface up but
shows a log message on the console. Protect mode also keeps the interface up but
doesn’t show any console messages. It’s not a bad idea to take a quick look to see if port
security is active or not…it’s also a good idea to use show mac address-table to see if the
switch learned the MAC addresses on the interfaces.
If everything else seems to be ok, make sure there’s no VACL!
Make sure you use the same encapsulation protocol when configuring trunks.
Always check if a trunk allows all VLANs or not.
If you use a multilayer switch for inter-VLAN routing make sure the SVI interfaces are configured correctly and that routing is enabled.
Make sure the interface you want to be the root port has the lowest cost path.
Check if spanning-tree is enabled or disabled.
Make sure BPDUs are not blocked or filtered between switches.
Make sure the VLAN is active on the interface before looking at spanning-tree related issues.
Make sure you use the same EtherChannel protocol on both sides.
When using PAgP make sure at least one of the switches is using desirable mode or in case of LACP make sure one switch is in active mode.
Make sure all interfaces that will be added to the port-channel have the exact same configuration!
Routing :
EIGRP:
Make sure both routers are on the same subnet.
Make sure the K-values are the same on all EIGRP routers within the same autonomous system.
Make sure the AS number is the same if you want an EIGRP neighbor adjacency.
Don’t enable passive interface if you want to establish an EIGRP neighbor adjacency.
Check if your frame-relay network supports broadcast or not. Configure EIGRP to use unicast or change your frame-relay configuration to support broadcast traffic.
If the network commands are correct, check if you have a distribute-list that is preventing prefixes from being advertised or installed in the routing table.
If EIGRP auto-summary is enabled you might end up with discontiguous networks.
EIGRP auto-summary creates an entry to the null0 interface which might prevent the installation of summaries you receive from neighbor routers.
You can’t advertise what you don’t have in your routing table.
In order for a summary route to be advertised at least one prefix that falls
within the summary, range has to be in the routing table of the advertising router!
Split horizon prevents the advertisement of a prefix out of the interface where we learned it on.
Make sure the next hop IP address is reachable and if needed add additional frame-relay map statements.
Change the administrative distance to change traffic patterns but be aware; In more complex topologies this can also cause routing loops.
When you redistribute something into EIGRP you need to configure seed metrics.
OSPF:
Make sure you have the configured correct network address, wildcard bits, and area.
Make sure OSPF is sending hello packets on an interface because otherwise, you won’t be able to become neighbors.
Don’t block OSPF multicast addresses 224.0.0.5 and 224.0.0.6 (DR/BDR).
Make sure you use the same subnet mask on routers that are directly connected to each other
Make sure you use the same OSPF authentication type and password between routers.
Make sure your OSPF routers agree on the same area number.
Make sure your OSPF routers use the same area type.
Most people have learned that OSPF always requires at least area 0 (the backbone
area). It’s perfectly fine to configure single area OSPF and to use a different area
number. Only when you connect different OSPF areas to each other you’ll need a
backbone area.
The broadcast and non-broadcast network types require a DR/BDR election. Make sure one of the routers gets elected.
The keyword broadcast means we can send broadcast and multicast traffic down the PVC.
Make sure you understand all the OSPF network types and their requirements.
Make sure you configure the correct network address, wildcard bits, and area.
You can not advertise what you don’t have!
Be aware of distribute-lists that prevent the advertising and/or installing of prefixes in the routing table.
Stub areas do not allow external prefixes (LSA Type 5). Either change the area to NSSA to stop redistributing.
If you want to advertise a default route with OSPF you need to have a default route in your routing table or use the “always” keyword.
Make sure you use the correct OSPF network type on both routers.
Add the “subnets” keyword when using redistribution or only classful networks are redistributed.
Use the administrative distance to prevent or allow the installation of prefixes in your routing table(s) and use the metric to select the best path.
Use the correct command for OSPF summarization.
BGP:
Make sure your interfaces are up and running.
Make sure the BGP routers can reach each other, that BGP packets are sourced from the correct interface and in case of EBGP don’t forget to use the multihop command.
Its common practice to configure IBGP between loopback interfaces. Make sure these loopbacks are reachable and that the BGP updates are sourced from the loopback interface.
Type in the exact correct subnet mask
If you see classful networks in your BGP table you might have auto-summary enabled.
Make sure there are no route-maps blocking the advertisement of prefixes.
IBGP neighbor adjacencies have to be full mesh! Another solution would be by using a route-reflector or confederation.
Make sure the next hop IP address is reachable so routes can be installed in the routing table and that all required networks are reachable.
Network Services:
Make sure you have the correct inside and outside interfaces.
Make sure you use the correct access-list to match your inside hosts.
Make sure your routers know how to reach the translated networks.
If everything is OK, make sure the DHCP service is running.
If you use IP helper make sure the DHCP server knows how to reach the subnet where the client is located.
Make sure preemption is enabled for HSRP if you use interface tracking.
Make sure the VRRP routers are able to reach each other.
IPv6:
Make sure IPv6 unicast-routing is enabled if you want to use router advertisements or IPv6 routing protocols.
Make sure you activate RIPNG on all interfaces if they have prefixes that you want to see advertised.
Make sure you configure a router-ID for OSPFv3.
OSPFv3 for IPv6 has the same requirements to form a neighbor adjacency as OSPFv2 for IPv4. Apply your “IPv4 OSPF” knowledge to solve neighbor adjacency issues.
Check the OSPFv3 network type and configure the neighbors using the link-local addresses. Also, make sure you have the correct frame-relay maps.
Apply the same IPv4 OSPF troubleshooting techniques to OSPFv3 after the neighbor
adjacency has been established.
Make sure you use the correct 6to4 tunnel IPv6 addresses.
No comments:
Post a Comment