chapter 1: planning maintenance for complex networks
DESCRIPTION
Chapter 1 Objectives Evaluate commonly-practiced models and methodologies for network maintenance Identify the processes and procedures that are a fundamental part of any network maintenance methodology Identify, evaluate and select tools, applications and resources to support network maintenance processes High-level assessment claims: Describe Maintenance Models and Methodologies Describe the network maintenance plan Describe the disaster recovery process Describe common network maintenance tools, applications and resources Describe the importance of network monitoring and performance measurement Explain how to work with backup and restore servicesTRANSCRIPT
© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco PublicCourse v6 Chapter #
1
Chapter 1:Planning Maintenance for Complex Networks
CCNP TSHOOT: Maintaining and Troubleshooting IP Networks
Chapter #2© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Chapter 1 Objectives Evaluate commonly-practiced models and
methodologies for network maintenance Identify the processes and procedures that are a
fundamental part of any network maintenance methodology
Identify, evaluate and select tools, applications and resources to support network maintenance processes
Chapter #3© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Maintenance Models and MethodologiesA network engineer’s job description can include tasks related to:
Device installation and maintenance-installing devices and software, as well as creating and backing up configurations and software.
Failure response-supporting users that experience network problems, troubleshooting device or link failures, replacing equipment, and restoring backups.
Network performance-capacity planning, performance tuning, and usage monitoring.
Business procedures-documenting, compliance auditing, and service level agreement (SLA) management.
Security-implementing security procedures and security auditing
Chapter #4© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Maintenance Models and Organizations IT Infrastructure Library (ITIL)-This is a framework of best
practices for IT Service Management. ITIL describes best practices that help in providing high quality IT services that are aligned with business needs and processes. Developed by the UK Office of Government Commerce (OGC).
ISO – FCAPS• Fault management• Configuration management• Accounting management• Performance Management• Security Management
ITU-T - Telecommunications Management Network (TMN) Cisco Lifecycle Services Phases – PPDIOO
(Prepare, Plan, Design, Implement, Operate, and Optimize)
Chapter #5© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Configuration Management element of the FCAPS model
Chapter #6© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Network Maintenance Tools, Applications, and Resources
ConsoleSSHTelnet
HTTPHTTPSTelnetSSH
NTP
Syslog
TFTPFTPSCPHTTP(S)
Time Logging
BackupsCLI mgmt
GUI mgmt
Chapter #7© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
NTP Example
service timestamps debug datetime msec localtime show-timezoneservice timestamps log datetime localtime show-timezone!clock timezone PST -8clock summer-time PDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00!ntp server 10.1.220.3
(Selected output from the running config)
Chapter #8© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Logging Services
Logging severity levels on Cisco devices: (0) Emergencies (1) Alerts (2) Critical (3) Errors (4) Warnings (5) Notifications (6) Informational (7) Debugging
Enabling logging for a lower level (from importance point of view) will enable logging for all the above levels.
Chapter #9© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Logging to a Server
Messages are logged to a circular log buffer in RAMthat is limited to 16384 Bytes.
Logging messages on the console arelimited to level 4 and lower. By defaultall messages from level 0 (emergencies) to level 7 (debugging) are logged.
Messages are logged to a syslog server at IP Address 10.1.152.1. By default all messagesExcept level 7 are sent.
!logging buffered 16348!logging console warnings!logging 10.1.152.1!
Chapter #10© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Implementing Backup and Restore Services using FTP
Copy using FTP with specified username and password
Copy using FTP with stored username and password
R1(config)# ip ftp username backupR1(config)# ip ftp password san-franR1(config)# exitR1# copy startup-config ftp://10.1.152.1/R1-test.cfgAddress or name of remote host [10.1.152.1]?
Destination filename [R1-test.cfg]?
Writing R1-test.cfg !
2323 bytes copied in 0.304 secs (7641 bytes/sec)
R1# copy startup-config ftp://backup:[email protected]/R1-test.cfgAddress or name of remote host [10.1.152.1]? Destination filename [R1-test.cfg]? Writing R1-test.cfg !2323 bytes copied in 0.268 secs (8668 bytes/sec)
Chapter #11© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Implementing Backup and Restore Services using Archive
Setting up the configuration archive
show archive command output
R1(config)# archiveR1(config-archive)# path flash:/config-archive/$h-configR1(config-archive)# write-memoryR1(config-archive)# time-period 10080
R1# show archive There are currently 3 archive configurations saved.
The next archive file will be named flash:/config-archive/R1-config-4
Archive # Name
0
1 flash:/config-archive/R1-config-1
2 flash:/config-archive/R1-config-2
5 flash:/config-archive/R1-config-3 <- Most Recent
Chapter #12© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Implementing Backup and Restore Services using configure replace
R1# configure terminal Enter configuration commands, one per line. End with CNTL/Z.R1(config)# hostname TESTTEST(config)# ^Z TEST# configure replace flash:config-archive/R1-config-3 listThis will apply all necessary additions and deletionsto replace the current running configuration with thecontents of the specified configuration file, which isassumed to be a complete configuration, not a partialconfiguration. Enter Y if you are sure you want to proceed. ? [no]: yes!Pass 1!List of Commands:no hostname TESThostname RO1endTotal number of passes: 1Rollback Done
Chapter #13© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Disaster Recovery Tools Successful disaster recovery is dependent on the existence of the following: Up to date configuration backups Up to date software backups Up to date hardware inventories Configuration and software provisioning tools
Chapter #14© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Chapter 2 Objectives
Identify troubleshooting principles and evaluate troubleshooting methodologies.
Plan and implement troubleshooting procedures as part of a structured troubleshooting methodology.
Plan and implement troubleshooting and network maintenance procedures to effectively support each other.
Chapter #15© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Troubleshooting MethodologiesFlow chart of a structured troubleshooting approach
Chapter #16© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Troubleshooting MethodologiesShoot from the hip vs. structured troubleshooting method
Chapter #17© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Troubleshooting Approaches
Top-down Bottom-up Divide and conquer Follow-the-path Spot the differences Move the problem
Chapter #18© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Troubleshooting Approaches - Move the Problem Example
Laptop B is having network problems. Cable or port swapping can help isolate the problem.
Chapter #19© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Implementing Troubleshooting Procedures
Defining the problem Gathering information Analyzing the information Eliminating possible problem causes Formulating a hypothesis about the likely cause of the
problem Testing that hypothesis Solving the problem
Chapter #20© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Troubleshooting Process – Verify and Define the Problem
Chapter #21© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Troubleshooting Process – Gather Information
Chapter #22© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Troubleshooting Process – Analyze
Chapter #23© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Troubleshooting Process – Eliminate
Chapter #24© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Troubleshooting Process – Propose Hypothesis
Chapter #25© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Troubleshooting Process – Test Hypothesis
Chapter #26© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Troubleshooting Process – Solve Problem
Chapter #27© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Troubleshooting and Network Maintenance
Chapter #28© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Troubleshooting and Network Maintenance
Accurate documentation is critical to effective troubleshooting.
A network baseline is essential and can include:• Interface load for critical network links (IOS)• CPU load and memory usage of routers and switches (SNMP)• Accounting of network traffic (NBAR, NetFlow)• Measurement of network performance characteristics (IP SLA)
Chapter #29© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Communication and Change Control Change control is a fundamental process in network maintenance. Controls when changes are made, authorization required and what
actions are taken. Can reduce unplanned outages and increase network uptime. The change control process:
• Implement the change• Verify that it achieved the desired results• Roll back if necessary • Back up the changed configurations or software• Document/communicate your changes
Chapter #30© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Troubleshooting Spanning Tree
Chapter #31© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Spanning Tree Failures
STP is a reliable but not an absolutely failproof protocol. If STP fails there are usually major negative consequences. With Spanning Tree, there are two different types of failures.
• Type 1 - STP may erroneously block certain ports that should have gone to the forwarding state. You may lose connectivity to certain parts of the network, but the rest of the network is unaffected.
• Type 2 - STP erroneously moves one or more ports to the Forwarding state. The failure is more disruptive as bridging loops and broadcast storms can occur.
Chapter #32© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Rapid PVST+, PortFast, BPDU Guardхувьд анхаарах зүйлс Root Bridge-г тохируулах мөн PVST+ Convergence шалгах Root Bridge гэдэг нь сайн замыг агуулж байгаа сүлжээний гол
зангилаа хэсэг. Иймээс сүлжээгээр дамжих бүх өгөдөл нь root bridge-р дамжина.
Хамгийн бага BID-тэй свитч нь Root Bridge-р сонгогдоно. Primary болон Secondary свитчийг тодорхойлох /S1,S2/ Зөвхөн access порт буюу PC холбогдох порт дээр тохируулна.
Ингэснээр Listening, Learning төлвийг алгасаад шууд Forwarding төлөврүү шилжүүлж ажиллагааг хурдасгана.
PortFast тохируулсан портон дээр BPDU хүлээж авдаггүй учир switch залгавал loop үүсэх эрсдэлтэй.
BPDU guard-г идэвхижүүлсэнээр PortFast тохируулсан access интерфейс дээр свитч залгаад BPDU дамжуулбал интерфейс error-disabled горимд шилжин унтран loop үүсэхээс сэргийлнэ.
Chapter #33© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Spanning Tree Failures – Cont.
DSW2# show etherchannel 1 detailGroup state = L2
Ports: 2 Maxports = 8
Port-channels: 1 Max Port-channels = 1
Protocol: -
Minimum Links: 0
Ports in the group:
-------------------
Port: Fa0/5
------------
Port state = Up Cnt-bndl Suspend Not-in-Bndl
Channel group = 1 Mode = On Gcchange = -
Port-channel = null GC = - Pseudo port-channel = Po1
Port index = 0 Load = 0x00 Protocol = -
Age of the port in the current state: 0d:00h:25m:13s
Probable reason: vlan mask is different
<output omitted>
Using the show etherchannel 1 detail command
Chapter #34© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
EtherChannel Problems
Three common EtherChannel problems:1. Inconsistencies between the physical ports that are
members of the channel2. Inconsistencies between the ports on the opposite sides of
the EtherChannel link3. Uneven distribution of traffic between EtherChannel
bundle members
Chapter #35© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
EtherChannel Diagnostic Commands
DSW2# show etherchannel summaryFlags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 2
Number of aggregators: 2
Group Port-channel Protocol Ports
------+-------------+-----------+-------------------------
1 Po1(SD) - Fa0/5(s) Fa0/6(s)
2 Po2(SU) - Fa0/3(P) Fa0/4(P)
Using the show etherchannel summary command
Chapter #36© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
EtherChannel Diagnostics
ASW1# show spanning-tree vlan 17
MST0
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 001e.79a9.b580
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 001e.79a9.b580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- ------------------------------
Fa0/7 Desg FWD 200000 128.9 P2p Edge
Po1 Desg BLK 100000 128.56 P2p
Po2 Desg BKN*100000 128.64 P2p Bound(PVST) *PVST_Inc
Using the show spanning-tree command to examine STP
Chapter #37© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
DHCP/NAT хувьд гарах алдааг шалгах DHCP тохиргоог зөв дэс дараалалтай хийх. Үүнээс гадна show ip dhcp binding
командаар PC-нүүд хаягаа автоматаар авч байгааг шалгана Өгөгдсөн PC болон ISP-д дотоод болон гадаад хаягуудыг зөв өгч show ip nat
translations командаар NAT хөрвүүлэгдэж байгааг шалгана Дотоод серверээс IPS-руу ping явуулснаар заасан топологи дээрх статик NAT
хөрвүүлгийг show ip nat translations эсвэл debug ip nat командаар шалгана
Show ip dhcp conflict -- Давхардсан хаягын мэдээллийг харах
Бусад динамик замчлалын протоколын тохиргоог зөв хийснийг замчлалын мэдээллээс харах хэрэгтэй
ip nat pool NAT_POOL 209.165.201.9 209.165.201.14 netmask 255.255.255.248 ip nat inside source list NAT_ACL pool NATPOOL overload (pool нэрийг буруу бичсэн) ip nat inside source list NAT_ACL pool NAT_POOL overload (NAT_POOL гэж бичих
байсан) Дотоод хаягнаас гадаад хаяг руу хөрвүүлэх нат үүсгээгүй Ip helper-address-г өөр сүлжээнд байгаа dhcp server ашиглаж байгаа үед бичиж
өгдөг
Chapter #38© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Troubleshooting NAT/PAT Issues – Cont.
The following commands can help determine if NAT is functioning correctly:
clear ip nat translation: • Removes NAT entries from the NAT table.• Specific entries can cleared with additional parameters.• Clearing all translations can cause disruption until new translations are
re-created. show ip nat translations:
• Displays all the translations (static and dynamic) that are currently installed and active on the router.
show ip nat statistics:• Displays NAT statistics such as number of translations (static, dynamic,
extended), number of expired translations, number of hits (match), number of misses (no match).
Chapter #39© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Troubleshooting NAT/PAT Issues – Cont.Helpful NAT-related debug commands: debug ip nat:
• Displays information about each packet that the router translates. debug ip nat detailed:
• Generates a description of each packet considered for translation.• Also displays information about certain errors or exception conditions, such as the failure
to allocate a global address. debug ip packet [access-list]:
• Displays general IP debugging information and IP security option (IPSO) security transactions.
• If a communication session is closing when it should not be, an end-to-end connection problem can be the cause.
• Useful for analyzing messages traveling between the local and remote hosts.• Captures packets that are process switched including received, generated, and
forwarded packets.• IP packets that are switched in the fast path are not captured.• The access-list option allows you to narrow down the scope of debugging.
Chapter #40© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Troubleshooting NAT/PAT Issues – Cont.
Limiting debug output with the debug condition command: debug condition interface interface:
• Called conditionally triggered debugging.• Generates debugging messages for packets entering or leaving on the
specified interface.• Will not generate debugging output for packets for a different interface.• First define the condition with the debug condition command. For
example, define a condition of interface serial 0/0.• This definition means that all debug output will be limited to that particular
interface.• The condition remains defined and applied until it is removed.• Check the active debug conditions using the show debug condition
command.
Chapter #41© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
DHCP Troubleshooting Commands show ip dhcp server statistics: Displays counts for server statistics and
messages sent and received for an IOS-based DHCP server. show ip dhcp binding: Displays DHCP binding information for IP address
assignment and subnet allocation. show ip dhcp conflict: Displays address conflicts found by a Cisco IOS DHCP
server when addresses are offered to the client. show ip dhcp pool name: Displays the subnets allocated and the current utilization
level for the pool or all the pools if the name argument is not used. show ip dhcp database: Displays server database agent information:
• URL: Specifies the remote file used to store automatic DHCP bindings
• Read/written: The last date and time bindings were read/written from the file
• server
• Status: Indication of whether the last read or write of host bindings was successful
• Delay: The amount of time (in seconds) to wait before updating the database
• Timeout: The amount of time (in seconds) before the file transfer is aborted
• Failures/Successes: The number of failed/successful file transfers
Chapter #42© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
DHCP Troubleshooting Commands – Cont. debug ip udp:
• Displays UDP packets sent and received.• Can use considerable CPU cycles on the device.
debug ip dhcp server [packets | events]: • Enables DHCP server debugging.• The events option reports server events such as address assignments and database
updates.• The packets option decodes DHCP receptions and transmissions.
clear ip dhcp binding {* | address}: • Deletes an address binding from the DHCP server database.• The address denotes the IP address of the client.• If the asterisk (*) character is used as the address parameter, DHCP clears all
automatic bindings. clear ip dhcp conflict {* | address}:
• Clears an address conflict for a specific entry with the address option.• Clears all address conflicts with the asterisk (*) option.
Chapter #43© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
OSPF хувьд гарах алдааг шалгах show run interface командаар IP хаягийн мэдээллийг
хаягчлалын хүснэгттэй харьцуулах . Мөн subnet mask болон IPv4, IPv6-ийн link-local хаягуудыг шалгах. интерфэйсүүд дээр single area,multi-area OSPF, OSPF stub area, totally-stub area, not-so-stub area болон authentication-ы тохиргоог тус тус шалгах
Замчлалын хүснэгтийг шалгах Хөрш болох нөхцөлүүдийг шалгах Нэг area- д байгаа эсэхийг шалгах Ямар протокол тохируулсаныг шалгах show ip interface brief командаар портын төлвийг шалгах. ping командыг ашиглан, хөрш рүүтэр болгоны хувьд сериал
интерфейсүүдийн холболт, PC хостууд болон default gateway хоорондын холболтыг шалгах.
Chapter #44© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
OSPF хувьд гарах алдааг шалгах
Нэмэлт OSPF шаардлага: Рутер бүр дээр router ID тохируулсан байх шаардлагатай. - R1 Router ID: 1.1.1.1
- R2 Router ID: 2.2.2.2- R3 Router ID: 3.3.3.3
Бүх сериал интерфейс дээр clocking rate-г 128 Kb/s-р тохируулаж өгөх ба OSPF-н cost метрикын тооцоололтой зөв таарч байхаар зурвасын өргөнийг тохируулаж өгөх шаардлагатай.
1941 рутер нь гигабитийн интерфейстэй тиймээс дефаултаараа OSPF нь бүх интерфэйсүүдэд метрикийн үнэлгээг тарааж өгөхөөр тохируулагдсан байдаг.
Бүх интерфейсүүд дээрх OSPF замчлалыг зарлан мэдээнүүд дээр MD5 authentication тохируулаж өгөх мөн MD5LINKS гэсэн түлхүүр ашиглах шаардлагатай.
Chapter #45© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
EIGRP хувьд гарах алдааг шалгах Рөүтерүүдийн хаяг тохирохгүй байх. Show ip interface brief коммандаар
рөүтерийн интерфейсүүдэд өгсөн хаягууд харагдана. 2 рөүтерийн хоорондох холболтонд нэг интерфейсийн хаяг нь нөгөө рөүтертэй холбогдсон интерфейсийн IP хаягтай тохирохгүй байвал холболт тогтохгүй. Зөв хаягийг өгөхөд холболт тогтоно.
Хөршийн мэдээлэл харагдахгүй байх. show ip eigrp neighbors коммандаар хөршийн мэдээлэл харж болно. Та EIGRP тохируулахдаа autonomous-system дугаараа рөүтерүүд дээрээ өөр тохируулвал холболт тогтохгүй. EIGRP-н нэг үүрэг нь хөршүүдийн AS дугаар нь зэргэлдээ хөршийхтэйгээ таарч байх ёстой.Учир нь EIGRP AS-д бүх рөүтерийн мэдээлэл багтдаг. Хэрэв өөр өөр өгсөн бол ижилхэн болгох хэрэгтэй.
Loopback хаягаа буруу тохируулсан байх. Рөүтер дээр EIGRP тохируулахдаа loopback хаягаа андуурч ямар нэгэн байдлаар алдаатай тохируулж өгсөн байвал холболт тогтохгүй. EIGRP дээрх сүлжээний мэдээллээ зөв бүртгэвэл асуудал шийдэгдэнэ.
Рөүтерүүд дээр автоматаар нэгтгэх үйлдлийг зогсоох хэрэгтэй. EIGRP тохируулж өгөхдөө no auto-summary бичиж өгөөгүй үед бүх хаягийг автоматаар нэгтгэдэг.
Chapter #46© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
ACL хувьд гарах алдааг шалгах
ACL-ийг тохируулах үед сүлжээний урсгалд нөлөөлөх тохирохгүй арга хэрэглэсэн буруу интерфейс дээр буруу тохиргоо хийсэн эсвэл буруу чиглэлд хийсэн байж болно.
Алхам1: Show running-config комманд ашиглан ACL-ыг хаана бичсэнийг хар. Буруу бичсэн бол интерфейсийн тохиргооны горимд ороод ACL-ыг устга.
Алхам2: ACL-ын гаралтын урсгал оролтын урсгалаас илүү байна. ACL-ыг хэрэгжүүлэхдээ out гэсэн түлхүүр ашиглахыг санаарай.
Гаралтын чиглэлээс ACL-ыг устгаад оролтын чиглэлд дахин хэрэгжүүл.
Chapter #47© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Troubleshooting Common ACL Errors Remember that ACL statements are processed in
sequence from the top down. Make sure that the sequence of the ACL statements is correct.
Make sure that you permit/deny the proper protocol. Make the correct use of the TCP, UDP and IP keywords.
Always double check the use of the any keyword. Make sure that you have applied the ACL to the correct
interface and for the correct direction.
• There are specific examples of the above in the text and the curriculum.
J.IN321 Мэргэжлийн дадлага
Chapter #48© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
FRAME RELAY хувьд гарах алдааг шалгах
DLCI дугаарыг буруу өгөх hub – and – spoke топологи дээр frame relay болон
EIGRP замчлалын протокол ашиглан тохиргоо хийх үед frame relay свичийн горимоор ажиллана.
WEST болон EAST рөүтэр хоорондоо холбогдохдоо HQ рөүтэрээр дамжин холбогдоно. Энэ үед split horizon үүсэн ба үүнийг идэвхгүй болгож өгөх хэрэгтэй. Split horizon нь тухайн интерфейсээр орж ирсэн мэдээллийг дахин тэр интерфейсээр гаргадаггүй.
Chapter #49© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
FRAME RELAY хувьд гарах алдааг шалгах
Frame Relay switch-с интерфэйсийн холболтонд Frame Relay encapsulation болон Inverse ARP-н тохиргоог идэвхигүй болгож тохируулна.
Дотоод Frame Relay тохиргоог хийснээр рөүтерийн интерфэйс лүү холболт тогтож байгааг frame relay map – ашиглан мэдэж болно.
Мөн Loopback интерфайс тохируулж өгнө.OSPF сүлжээний төрөл болох NBMA тохируулах Frame Relay бол Non-broadcast multi-access сүлжээ юм.
Энэ үе шатанд hub and spoke дээр OSPF сүлжээний төрөл болох NBMA-г Frame Relay дээр хэрэглэх, Frame Relay-н физик интерфайс болон multipoint төрлийн subinterface-үүдийн аль нэгийг өгөгдсөний дагуу тохируулна.
Chapter #50© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Ipv6 6to4 туннелийн хувьд анхаарах зүйлс
Туннел нь 2 төгсгөлийн цэгийн хоорондын холболт болох логик интерфейс юм. Энэ нь loopback интерфейстэй ижил боловч харьцах физик интерфейс оршдоггүй боловч олон тооны router оролцож байгаа үед энэ нь ялгаатай болдог юм. 6to4 туннел нь тусгай IPv6 хаягийг 2002::/16 хаягийн зайд ашигладаг.
Энэхүү шатанд нэмэлт 6to4 IPv6 loopback интерфейсийг LAN-г орлохоор тохируулах бөгөөд үүний дараа 6to4 туннелийг loopback интерфейсүүдийн хооронд IPv6 холболтоор тохируулна
6to4 туннелийг интерфейсийн туннелийн дугаарын тусламжтайгаар туннелийн интерфейсийн тохиргооны горимд шилжүүлэн тохируулна. Хялбар байлгахын тулд 0 дугаарын интерфейсийг ашиглана.
Туннелийн горимыг tunnel mode ipv6 6to4 коммандын тусламжтайгаар тохируулна. Үүний дараа ipv6 address address/mask коммандын тусламжтайгаар IPv6 хаягийг
тохируулна. IPv6 хаягийг тохируулсны дараа туннелийн эхний интерфейсийг tunnel source
type/number коммандын тусламжтайгаа тохируулна. Бүхий л туннелийн тохиргоо хийгдсэний дараа IPv6 замчлалыг ipv6 unicast-routing
коммандын тусламжтай идэвхижүүлэх бөгөөд 2002::/16 сүлжээний IPv6 статик замчлалыг бүхэлд нь ipv6 route address/mask interface коммандын тусламжтай тохируулна. Тухайн интерфейс нь үүсгэсэн туннел дотор байрлана.
Chapter #51© 2007 – 2010, Cisco Systems, Inc. All rights reserved. Cisco Public