1.  Determine if interface is up, if line protocol is up
 
SWITCH:
 
show interfaces [type id] 
* show interfaces [type id] status
 
ROUTER
LAN:
 
* show ip interface [type id] brief
* show ip interface [type id]
   show interfaces
 
SERIAL
 
* show interfaces serial
 
 
IF interface down, is it disabled, err-disabled, administratively disabled?
 
SWITCH:
 
show interfaces status
 
if err-disabled
 
show port-security [type id]
 
{shows the last MAC on the port, total MAC's allowed on port, total MAC's currently on port}
 
ROUTER
 
show ip interface 
 
2.  FOR ROUTERS:  Can you put an interface up always (a loopback)--is your router o.k.?
 
Configure interface loopback 0 with an ip address
is it up?
 
show ip interface loopback 0
 
can you ping that ip?
 
if so, your router is o.k. 
 
If line protocol down, is problem on your side or theirs?  Do:
 
LOOPBACK TEST
 
Change serial encapsulation to HDLC (default)
 
configure loopback
 
ping 127.0.0.1
 
change encapsulation back to what it was (or oops!) 
 
4.  If line protocol down, 
 
is there a mismatch in speed??
 
SWITCH:
 
show interfaces status
show interfaces switchport
 
{in the latter case you can nalso look for the trunk and trunking encapsulation--with this command, you can also find out if autonegotiation to a trunk failed--in which case interface will be up won't communicate}
 
 
ROUTERS:
 
show running-config
  
Or a Mismatch in encapsulation?
 
SWITCH:
 
show interfaces switchport
show trunk
 
{to determine whether encapsulation isl or dot1q}   
ROUTER:
 
show running-config
 
show interfaces
 
http://www.thebryantadvantage.com/CCNA640802CCENTHDLCOnPPPLinks.htm
 
 
 
 
"If one of the routers is running another encapsulation type, the physical interfaces will still be up, but the line protocol will go down and IP connectivity will be lost.  To illustrate, I'll change the encapsulation type on R3's Serial1 interface to the Point-To-Point Protocol (PPP).
 
"R3(config-if)#exit
R3(config)#int serial 1
R3(config-if)#encapsulation ppp
 
"A few seconds later, the line protocol goes down on R3.
 
2d04h: %SYS-5-CONFIG_I: Configured from console by console
2d04h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down
 
show interface serial 1 on both routers verifies that the physical interface is up, but the line protocol is down.  IP connectivity is lost.
 
"R3#show interface serial 1
Serial1 is up, line protocol is down" 
 
 
5.  If line protocol up, packets don't get through
 
 
Diagnose the problem:
 
 
 
SWITCH
 
show interfaces status
 
 
 
ROUTER
 
show interfaces
 
 
 
 
?? Is there a duplex mismatch?
(late collisions, lots of collisions)
 
 
SWITCH
 
show interfaces switchport
 
 
 
ROUTER: 
 
show running-config
 
 
 
 
?? Is there a clocking problem (lots of aborts)?
 
 
 
SERIAL:
 
 
 
show controllers serial 
 
{gives clock rate}
 
 
 
 
 
?? Is there a cable problem (crc's, frames, resets)
 
 
 
show controllers
 
 
 
SERIAL:
 
 
 
show controllers serial 
 
 
6.  Not a lot of collisions, can't ping subnet:  
 
 
  
??Is arp working?? mac-address-table o.k.?
 
 
SWITCH:
 
 
 
show mac-address-table 
 
 
 
 
ROUTER:
 
 
 
show arp
 
* show ip arp
 
 
 
HOST
 
 
 
arp -a
 
??
 
 
 
 
If the address not in the arp cache, maybe this is because there is an old address in the cache--no longer good--but that has not expired.  To diagonose, DO:
 
 
 
ROUTER:
 
 
 
clear arp-cache
 
show ip arp
 
 
 
ping ip/domain
 
 
 
show arp
 
{ is address now there?}
 
 
 
HOST
 
 
 
arp -a
 
 
 
neths interface delete arp-cache
 
 
 
?  arp -d
 
 
 
arp -a
 
ping ip/domain
 
 
 
arp -a
 
 
 
Is address now there?
 
 
 
 
7. Are addresses/subnets/masks properly configured or mismatched?
 
 
* For connectivity within subnet
 
 
 
SWITCH:  
 
* show port-security address
 
{shows all macs on port, along with vlan}
 
 
 
show mac-address-table
 
 
 
{ then go back to check the arp in the router for these mac's, using show arp or show ip arp}
 
 
 
 
 
ROUTER
 
 
 
show arp
 
show ip arp
 
 
 
* * *
 
 
 
Is Vlan active?
 
 
 
show interfaces [type, id] switchport
 
 
 
8. For connectivity outside of subnet
 
 
 
* If vlan's configured, then
 
 
 
 
 
on SWITCH
 
 
 
FIRST:
 
 
 
show interfaces switchport [type, id]
 
 
 
{ shows if vlan's in ? are active, what the encapsulation is,
 
if port is functioning as access or trunk, if trunking is being negotiated }
 
 
 
show vlan brief
 
 
 
{shows each vlan on switch, if vlan active, ports on vlan}
 
 
 
show trunk
 
 
 
{ want to see if vlan's in question are on trunk, if trunking encapsulation o.k., what port trunk is on }
 
 
 
NOW:
 
show port-security address 
 
or
 
show mac-address table
 
{to see vlan-to-mac mapping}
 
 
 
Then check router to find ip address for mac's in the cases you could not check on host (you can also check the host to find the ip, using Windows commands)
 
 
 
ROUTER
 
 
 
{that connects to trunk}
 
show arp
 
or show ip arp
 
 
 
{ verify subnets of IPs associated with MAC's in question, in VLAN's in question }
 
show interfaces
 
{ verify interfaces working that connect to trunk }
 
 
 
show running-config
 
{will verify the encapsulation of interfaces that connect to trunk}
 
 
 
* If trying to get to default gateway:
 
check for default gateway configuration
 
check for default gateway connectivity
 
compare device ip, subnet mask with default gateway ip/subnet mask
 
with default
 
 
 
 
 
TO SHOW DEFAULT GATEWAY CONFIGURATION, IP, MASK
 
 
 
HOST
 
 
 
ip config /all
 
{ shows mask, ip, default gateway }
 
 
 
SWITCH
 
 
 
show mac-address-table
 
show port-security address
 
{then check MAC for IP on router using show arp, show ip arp}
 
 
 
ROUTER 
 
show ip dhcp import
 
{ if default gateway imported }
 
 
 
show ip route
 
 
 
{ shows default gateway }
 
 
 
For matching of subnets between routers and switches
 
 
 
ROUTER/SWITCH
 
show cdp interface
 
{USER}
 
 
 
{shows your device's interfaces that are connected to neighbors where cdp is active, neighbors you can get info on--note this is a user-level command--a good reason to use the command, no cdp run, to keep this from being used in a reconnaissance attack!}
 
 
 
* show cdp neighbors 
 
{PRIV}
 
{ shows your interface and connecting interface of attached neighbor}
 
 
 
* show cdp neighbors detail
 
{ all the information, including the neighbors' ip's, that you'll need}
 
 
 
* show cdp entry [type, id]
 
{ USER }
 
* show cdp entry *
 
{ USER }
 
 
 
ROUTER:
 
show ip interface brief
 
show interfaces
 
{latter shows subnet mask}
 
 
 
SERIAL:
 
show interfaces serial
 
 
 
 
7.  Can't get out,
 
 
?? is default gateway configured?
 
 
 
If all o.k. with subnet, default gateway, inter-vlan routring,
 
 ?? Are NAT translations working?
 
 
 
ROUTER:
 
show ip nat translations
 
show ip nat statistics
 
 
 
{BOOK says:  ping outside address and watch for translation}
 
{ Follow same procedures as before to check the outbound interface--if you can access that device }
 
 
 
8.  Is routing o.k.?
 
 
 
ROUTER
 
 
 
show ip route
 
 
 
subnets, routing protocols/methods in use
 
 
 
 
9.  Is other side of default gateway--outbound interface--up or down, what about its line protocol?
 
 
 
AND DEVICE
 
ping ip/domain
 
 
 
{where ip or domain is that of outbound interface}
 
 
 
 
10.  Is DNS server o.k.?
 
 
 
ROUTER
 
show ip dhcp server {?? does this command exist this might be for internal}
 
show ip dhcp import { if dns server imported }
 
 
HOST
 
ip/config all
 
 
 
ROUTER
 
show ip dns statistics
 
 
 
{shows if dns requests have been dropped
 
??  http://www.usenet-forums.com/bind-users/234077-re-dns-query-id-not-changing.html}
 
 
 
 
ping { will show if domain resolution going on}
 
 
11.  For problems with specific addresses:
 
 
ROUTER
show ip access-list
 
 
12. All o.k. , system not overworked either
 
 
 
show process
 
 
 
{ if overworked, make sure it is not an attack }
 
 
???, it's not your problem then
 

</html>