1 Common Symptoms
1. Transport layer
. When the physical layer, data link routing and network layer are running normally, resources cannot be accessed and there are connection problems;
. The network is either off- or continuous, which is worse than the baseline state;
The program generates error messages and reports link or connectivity issues (when they are perceived);
. Users complain that the network is too slow;
. The console reported anomalies, and unpredictable events were observed in the system log;
&nbs p;. The management system alarm explains the problem;
. Partial, intermittent or incorrect performance problems due to TCP window problems, too long backhaul time, too many retransmissions, etc.
2. Application layer
. Resources are unreachable or unusable, while the physical layer, data link layer, network layer and transport layer are normal;
. Network services or programs cannot meet users' normal expectations;
. The application reported an error message or failure of the feature;
Users complain that the network is too slow or that the network program cannot work, is unavailable or is too slow;
. The console message indicates an abnormal event and the system log file reports an error;
. The management system alarm indicates the occurrence of abnormal events.
2. Guide to isolating transport layer and application layer issues
. By testing and proving that there is IP connectivity between the two devices, it is determined that the problem is not at the network layer or the level below it;
. When placing email-related issues, it is important to know that sending and receiving emails rely on different protocols and involve multiple components. Therefore, their functions must be tested separately.
. You can find out the details of a specific transport layer or application layer protocol by viewing the relevant RFC. Some of its protocols/programs are embedded with addresses. Other programs may have special control, handshake or authentication requirements. 3. Isolate common commands
Commonly used commands for isolating application layer problems
. traceroute
. cat /etc/
. ifconfig -a
. ipconfig/all
. winipcfg/all
. tracert
. show running-config
. show hosts
. ping
. nslookup
Quarantine email issues
. telnet [ip-address] 25
. telnet [ip-address] 110
. telnet [ip-address] 143
Isolated network management issues
. debug snmp packets
. debug ntp events
. debug ntp packets
Isolation file management issues
. copy tftp
. telnet [ip-address] 21
. debug tftp
Isolation of telnet problem
. telnet [ip-address]
. debug telnet
Isolate DHCP issues
. show ip dhcp binding
. show dhcp lease
. debug dhcp [detail]
. debug ip dhcp server [event|packets]
Four Correction of Problem Command Set
1. Valid IP access list command to correct TCP and UDP issues
. access-list {access-list-number}{deny|permit}{ip|udp|tcp|...}source-address source-wildcard destination-address destination-wildcard [operator operand][log]
. ip access-list {access-list-name}
. ip access-group {access-list-number|access-list-name}[in|out]
The content of the access list explains whether a specific type of transport layer packet protocol data unit (PDU) that carries from or sent to a specific application port number can be entered or outputted to an interface.
2. Correct application layer problems
. snmp-server enable {informs|traps}
. snmp-server community name [rw|ro]{access-list-number}
. snmp-server host {name|ip-address}
. ntp server {ip-address} --ntp uses UDP port 123. Time synchronization and accurate time and calendar are important in most cases for network devices.
. ntp peer {ip-address}
. ntp source {interface}
service timestamps log datetime localtime --Configure the router to mark log messages with a time stamp of local date and time
. service timestamps debug datetime localtime
. ip helper-address {address}
. [no] service dhcp
DHCP plays an important role in today's TCP/IP networks. Generally, one or two DHCP servers and many personal computers are configured as DHCP clients to request and obtain IP addresses, subnet masks, default gateways, etc. The router can be configured to forward these requests and responses (BOOTP clients and BOOTP servers). These are UDP-based broadcasts and can be converted to unicast. The ip helper-address interface command can configure the router to forward the client's bootp request to the DHCP server in unicast mode, and put the network address of the network segment where the request is located in the DHCP header. 5 Contact CISCO Technical Support Center
Before contacting, request the following information to be collected and archived:
1. Accurate network diagrams or at least some network diagrams with problems. Graphs including IP addresses and masks are more useful;
2. All information collected during the quarantine process;
3. If there are fewer than 4 devices in question, you need to capture the output of the show tech-support command;
4. Dial or telnet to the affected device. 6 Guide to Correcting Problems
1. To confirm that the device to be changed has configuration saved
2. Make expectations, make only one change at a time
3. Evaluate and archive the results of changes
4. Make sure that no new problems are introduced in the changes made
5. Continue to change until the problem is solved
6. You may need to find help from external resources, such as colleagues, consultants, or CISCO Technical Support Center
7. Changes and plans made in the archive Article entry: csh Editor in charge: csh
1. Transport layer
. When the physical layer, data link routing and network layer are running normally, resources cannot be accessed and there are connection problems;
. The network is either off- or continuous, which is worse than the baseline state;
The program generates error messages and reports link or connectivity issues (when they are perceived);
. Users complain that the network is too slow;
. The console reported anomalies, and unpredictable events were observed in the system log;
&nbs p;. The management system alarm explains the problem;
. Partial, intermittent or incorrect performance problems due to TCP window problems, too long backhaul time, too many retransmissions, etc.
2. Application layer
. Resources are unreachable or unusable, while the physical layer, data link layer, network layer and transport layer are normal;
. Network services or programs cannot meet users' normal expectations;
. The application reported an error message or failure of the feature;
Users complain that the network is too slow or that the network program cannot work, is unavailable or is too slow;
. The console message indicates an abnormal event and the system log file reports an error;
. The management system alarm indicates the occurrence of abnormal events.
2. Guide to isolating transport layer and application layer issues
. By testing and proving that there is IP connectivity between the two devices, it is determined that the problem is not at the network layer or the level below it;
. When placing email-related issues, it is important to know that sending and receiving emails rely on different protocols and involve multiple components. Therefore, their functions must be tested separately.
. You can find out the details of a specific transport layer or application layer protocol by viewing the relevant RFC. Some of its protocols/programs are embedded with addresses. Other programs may have special control, handshake or authentication requirements. 3. Isolate common commands
Commonly used commands for isolating application layer problems
. traceroute
. cat /etc/
. ifconfig -a
. ipconfig/all
. winipcfg/all
. tracert
. show running-config
. show hosts
. ping
. nslookup
Quarantine email issues
. telnet [ip-address] 25
. telnet [ip-address] 110
. telnet [ip-address] 143
Isolated network management issues
. debug snmp packets
. debug ntp events
. debug ntp packets
Isolation file management issues
. copy tftp
. telnet [ip-address] 21
. debug tftp
Isolation of telnet problem
. telnet [ip-address]
. debug telnet
Isolate DHCP issues
. show ip dhcp binding
. show dhcp lease
. debug dhcp [detail]
. debug ip dhcp server [event|packets]
Four Correction of Problem Command Set
1. Valid IP access list command to correct TCP and UDP issues
. access-list {access-list-number}{deny|permit}{ip|udp|tcp|...}source-address source-wildcard destination-address destination-wildcard [operator operand][log]
. ip access-list {access-list-name}
. ip access-group {access-list-number|access-list-name}[in|out]
The content of the access list explains whether a specific type of transport layer packet protocol data unit (PDU) that carries from or sent to a specific application port number can be entered or outputted to an interface.
2. Correct application layer problems
. snmp-server enable {informs|traps}
. snmp-server community name [rw|ro]{access-list-number}
. snmp-server host {name|ip-address}
. ntp server {ip-address} --ntp uses UDP port 123. Time synchronization and accurate time and calendar are important in most cases for network devices.
. ntp peer {ip-address}
. ntp source {interface}
service timestamps log datetime localtime --Configure the router to mark log messages with a time stamp of local date and time
. service timestamps debug datetime localtime
. ip helper-address {address}
. [no] service dhcp
DHCP plays an important role in today's TCP/IP networks. Generally, one or two DHCP servers and many personal computers are configured as DHCP clients to request and obtain IP addresses, subnet masks, default gateways, etc. The router can be configured to forward these requests and responses (BOOTP clients and BOOTP servers). These are UDP-based broadcasts and can be converted to unicast. The ip helper-address interface command can configure the router to forward the client's bootp request to the DHCP server in unicast mode, and put the network address of the network segment where the request is located in the DHCP header. 5 Contact CISCO Technical Support Center
Before contacting, request the following information to be collected and archived:
1. Accurate network diagrams or at least some network diagrams with problems. Graphs including IP addresses and masks are more useful;
2. All information collected during the quarantine process;
3. If there are fewer than 4 devices in question, you need to capture the output of the show tech-support command;
4. Dial or telnet to the affected device. 6 Guide to Correcting Problems
1. To confirm that the device to be changed has configuration saved
2. Make expectations, make only one change at a time
3. Evaluate and archive the results of changes
4. Make sure that no new problems are introduced in the changes made
5. Continue to change until the problem is solved
6. You may need to find help from external resources, such as colleagues, consultants, or CISCO Technical Support Center
7. Changes and plans made in the archive Article entry: csh Editor in charge: csh