Back to Dashboard
Module 52
Troubleshooting Switching Issues
โ Previous Module
Next Module โ
# ๐ CCNA 200-301 - Video 52: Troubleshooting Switching Issues ## Deep Study Notes --- ## ๐ Learning Objectives By the end of this video, you should understand: - Common switching issues and their causes - VLAN and trunk troubleshooting - Spanning Tree Protocol (STP) troubleshooting - EtherChannel troubleshooting - Port security issues - Switch hardware and interface issues - Troubleshooting tools and commands --- ## ๐ง Core Concepts ### 1. Common Switching Issues Overview ``` โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ COMMON SWITCHING ISSUES โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค โ โ โ PHYSICAL LAYER ISSUES: โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Interface down/down โ โ โ โ โข CRC errors, input errors โ โ โ โ โข Duplex mismatch โ โ โ โ โข Speed mismatch โ โ โ โ โข Cable problems โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ VLAN ISSUES: โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข VLAN mismatch โ โ โ โ โข Trunk not forming โ โ โ โ โข Native VLAN mismatch โ โ โ โ โข Allowed VLAN list issues โ โ โ โ โข VTP issues โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ STP ISSUES: โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Root bridge election issues โ โ โ โ โข Blocked ports incorrect โ โ โ โ โข STP loops โ โ โ โ โข Convergence problems โ โ โ โ โข BPDU guard violations โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ ETHERCHANNEL ISSUES: โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Port not bundling โ โ โ โ โข Protocol mismatch (LACP vs. PAgP) โ โ โ โ โข Configuration mismatch โ โ โ โ โข Suspended ports โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ PORT SECURITY ISSUES: โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Port in errdisable โ โ โ โ โข MAC address violation โ โ โ โ โข Sticky MAC issues โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ ``` --- ### 2. Interface Troubleshooting **Interface Status Codes:** | Status | Protocol | Meaning | Solution | |--------|----------|---------|----------| | up | up | Interface working | None | | up | down | Physical up, protocol down | Check VLAN, trunk, keepalive | | down | down | Interface not connected | Check cable, remote device | | administratively down | down | Interface shut down | `no shutdown` | | errdisable | down | Security violation | Check cause, `shutdown/no shutdown` | ```cisco ! Check interface status Switch# show ip interface brief Interface IP-Address OK? Method Status Protocol GigabitEthernet0/1 unassigned YES unset up up GigabitEthernet0/2 unassigned YES unset down down GigabitEthernet0/3 unassigned YES unset administratively down down GigabitEthernet0/4 unassigned YES unset errdisable down ! Check detailed interface statistics Switch# show interfaces gigabitEthernet 0/1 GigabitEthernet0/1 is up, line protocol is up (connected) Hardware is Gigabit Ethernet, address is 001a.2b3c.4d5e (bia 001a.2b3c.4d5e) MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX input flow-control is off, output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 12345 packets input, 12345678 bytes, 0 no buffer Received 0 broadcasts (0 IP multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 0 multicast, 0 pause input 0 input packets with dribble condition detected 12345 packets output, 12345678 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out ``` **Common Interface Error Indicators:** | Error | Meaning | Solution | |-------|---------|----------| | **CRC errors** | Frame Check Sequence errors | Bad cable, duplex mismatch, interference | | **Runts** | Frames smaller than 64 bytes | Collisions, faulty NIC | | **Giants** | Frames larger than MTU | Misconfigured MTU, faulty NIC | | **Input errors** | Various input errors | Cable issues, duplex mismatch | | **Output errors** | Various output errors | Congestion, collisions | | **Collisions** | Multiple transmissions at same time | Half-duplex, heavy traffic | | **Late collisions** | Collisions after 512 bits | Duplex mismatch | --- ### 3. Duplex and Speed Mismatch ``` โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ DUPLEX/SPEED MISMATCH โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค โ โ โ Symptoms: โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Slow performance โ โ โ โ โข High collision counts โ โ โ โ โข CRC errors โ โ โ โ โข Intermittent connectivity โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ Configuration: โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ ! Manual configuration โ โ โ โ Switch(config)# interface gigabitEthernet 0/1 โ โ โ โ Switch(config-if)# speed 1000 โ โ โ โ Switch(config-if)# duplex full โ โ โ โ โ โ โ โ ! Auto-negotiation (recommended) โ โ โ โ Switch(config-if)# speed auto โ โ โ โ Switch(config-if)# duplex auto โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ Troubleshooting: โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ Switch# show interfaces gigabitEthernet 0/1 | include duplex โ โ โ โ Full-duplex, 1000Mb/s โ โ โ โ โ โ โ โ Switch# show interfaces gigabitEthernet 0/1 | include collisions โ โ โ โ 0 collisions, 0 interface resets โ โ โ โ (High collisions indicate duplex mismatch) โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ ``` --- ### 4. VLAN and Trunk Troubleshooting **VLAN Verification Commands:** ```cisco ! Check VLAN configuration Switch# show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 10 Engineering active Fa0/5, Fa0/6, Fa0/7 20 Sales active Fa0/8, Fa0/9, Fa0/10 30 IT active Fa0/11, Fa0/12, Fa0/13 ! Check VLAN on specific port Switch# show interfaces fastEthernet 0/5 switchport Name: Fa0/5 Switchport: Enabled Administrative Mode: static access Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: Off Access Mode VLAN: 10 (Engineering) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none ``` **Trunk Troubleshooting:** ```cisco ! Check trunk status Switch# show interfaces trunk Port Mode Encapsulation Status Native vlan Gi0/24 on 802.1q trunking 1 Port Vlans allowed on trunk Gi0/24 1-4094 Port Vlans allowed and active in management domain Gi0/24 1,10,20,30 Port Vlans in spanning tree forwarding state and not pruned Gi0/24 1,10,20,30 ! Check trunk configuration Switch# show interfaces gigabitEthernet 0/24 switchport Name: Gi0/24 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Trunking VLANs Enabled: ALL Trunking VLANs Active: 1,10,20,30 Pruning VLANs Enabled: 2-1001 ! Check allowed VLANs Switch(config)# interface gigabitEthernet 0/24 Switch(config-if)# switchport trunk allowed vlan 10,20,30 ``` **Common VLAN/Trunk Issues:** | Problem | Symptom | Solution | |---------|---------|----------| | **VLAN mismatch** | Devices in same VLAN cannot communicate | Verify VLAN assignment on both ends | | **Trunk not forming** | `show interfaces trunk` shows no trunks | Check trunk mode, encapsulation, allowed VLANs | | **Native VLAN mismatch** | Traffic fails, CDP error messages | Set same native VLAN on both ends | | **VLAN not active** | Port in inactive VLAN | Create VLAN on switch | | **Allowed VLANs** | Some VLANs not passing | Verify allowed VLAN list on trunk | --- ### 5. Spanning Tree Protocol (STP) Troubleshooting **STP Verification:** ```cisco ! Check STP status Switch# show spanning-tree VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32768 Address 001a.2b3c.4d5e Cost 19 Port 1 (GigabitEthernet0/1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 1) Address 001a.2b3c.4d5f Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Gi0/1 Root FWD 19 128.1 P2p Gi0/2 Desg FWD 19 128.2 P2p Gi0/3 Altn BLK 19 128.3 P2p ! Check STP on specific interface Switch# show spanning-tree interface gigabitEthernet 0/3 Vlan Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- VLAN0001 Altn BLK 19 128.3 P2p ! Check root bridge Switch# show spanning-tree root Root Hello Max Fwd Vlan Root ID Cost Time Age Dly Root Port ----- ----------------- ---- ----- --- --- ---------- VLAN1 32768 001a.2b3c.4d5e 19 2 20 15 Gi0/1 ``` **STP Troubleshooting Issues:** | Issue | Symptoms | Solutions | |-------|----------|-----------| | **Wrong root bridge** | Suboptimal path, blocked ports | Change bridge priority: `spanning-tree vlan 1 root primary` | | **STP loop** | Broadcast storm, high CPU | Check for redundant links without STP, enable BPDU guard | | **Port in blocking state** | Traffic not passing | Verify root port selection, check path cost | | **BPDU guard violation** | Port in errdisable | Remove rogue switch, `no shutdown` | | **STP convergence slow** | Delays after failure | Use RSTP or MST, configure PortFast | --- ### 6. EtherChannel Troubleshooting **EtherChannel Verification:** ```cisco ! Check EtherChannel summary Switch# show etherchannel summary Flags: D - down P - in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use f - failed to allocate aggregator Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports ------+-------------+-----------+----------------------------------------------- 1 Po1(SU) LACP Gi0/1(P) Gi0/2(P) Gi0/3(P) Gi0/4(P) ! Check EtherChannel detail Switch# show etherchannel 1 detail Group: 1 --------- Group state = L2 Ports: 4 Maxports = 8 Port-channels: 1 Protocol: LACP Ports in the group: ------------------- Port: Gi0/1 ----------- Port state = Up Mstr In-Bnd Channel group = 1 Mode = Active Gcchange = - Port-channel = Po1 GC = - Pseudo = - Port index = 0 Load = 0x00 Protocol = LACP ! Check suspended ports Switch# show etherchannel summary | include s ``` **Common EtherChannel Issues:** | Issue | Symptom | Solution | |-------|---------|----------| | **Port not bundling** | Port shows "I" (stand-alone) | Verify speed, duplex, VLAN config match | | **Suspended ports** | Port shows "s" (suspended) | Fix configuration mismatch | | **Protocol mismatch** | LACP vs. PAgP mismatch | Use same protocol on both ends | | **Speed mismatch** | Ports have different speeds | Set all ports to same speed | | **VLAN mismatch** | Access VLANs differ | Set same access VLAN on all ports | --- ### 7. Port Security Troubleshooting **Port Security Verification:** ```cisco ! Check port security status Switch# show port-security Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action (Count) (Count) (Count) --------------------------------------------------------------------------- Fa0/1 2 1 0 Shutdown Fa0/2 1 1 0 Shutdown ! Check specific interface Switch# show port-security interface fastEthernet 0/1 Port Security : Enabled Port Status : Secure-up Violation Mode : Shutdown Aging Time : 0 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 2 Total MAC Addresses : 1 Configured MAC Addresses : 0 Sticky MAC Addresses : 1 Last Source Address:Vlan : 001a.2b3c.4d5e:10 Security Violation Count : 0 ! Check errdisable recovery Switch# show errdisable recovery ErrDisable Reason Timer Status ----------------- -------------- bpduguard Disabled security-violation Enabled ... Timer interval: 300 seconds ! Clear errdisable port Switch# clear errdisable interface fastEthernet 0/1 ``` **Port Security Issues:** | Issue | Symptom | Solution | |-------|---------|----------| | **Port in errdisable** | Interface status shows errdisable | `no shutdown`, clear errdisable | | **MAC violation** | Security violation count > 0 | Remove offending device, increase max MACs | | **Sticky MAC issues** | New device can't connect | Clear sticky MACs, configure aging | | **Aging issues** | MACs not aging out | Configure aging time and type | --- ### 8. VTP Troubleshooting **VTP Verification:** ```cisco ! Check VTP status Switch# show vtp status VTP Version capable : 1 to 3 VTP version running : 2 VTP Domain Name : LAB VTP Pruning Mode : Enabled VTP Traps Generation : Disabled Device ID : 001a.2b3c.4d5e Configuration last modified by : 192.168.1.1 at 3-1-24 10:30:45 Feature VLAN: -------------- VTP Operating Mode : Server Maximum VLANs supported locally : 1005 Number of existing VLANs : 25 Configuration Revision : 15 MD5 Digest : 0x12 0x34 0x56 0x78 0x9A 0xBC 0xDE 0xF0 ! Check VTP counters Switch# show vtp counters VTP statistics: Summary advertisements received : 150 Subset advertisements received : 25 Request advertisements received : 5 Summary advertisements transmitted : 200 Subset advertisements transmitted : 35 Request advertisements transmitted : 2 Number of config revision errors : 0 Number of config digest errors : 0 ``` **VTP Issues:** | Issue | Symptom | Solution | |-------|---------|----------| | **VLANs not propagating** | Clients don't learn VLANs | Verify domain name, password, version | | **VLANs deleted** | All VLANs disappear | Switch with higher revision added, reset revision | | **VTP disabled** | "VTP disabled" in status | Check domain mismatch, password | | **Revision errors** | Configuration revision mismatch | Reset revision on new switches | --- ### 9. Switch Hardware Issues **Hardware Verification:** ```cisco ! Check switch hardware status Switch# show environment Switch# show environment temperature Switch# show environment power Switch# show environment fan ! Check CPU utilization Switch# show processes cpu Switch# show processes cpu history ! Check memory Switch# show memory Switch# show memory statistics ! Check system status Switch# show system Switch# show version ``` **Hardware Issues:** | Issue | Symptom | Solution | |-------|---------|----------| | **High CPU** | Slow management, packet loss | Identify process using CPU, disable unnecessary features | | **High temperature** | Fan noise, shutdown | Check cooling, clean filters | | **Power failure** | Switch reboots, ports down | Check power supply, UPS | | **Stack issues** | Stack split, member offline | Check stack cables, ring topology | --- ### 10. Troubleshooting Flowchart - Switching ``` โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ SWITCHING TROUBLESHOOTING FLOW โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค โ โ โ START: Device cannot communicate โ โ โ โ โ โผ โ โ Check physical layer โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Link lights on? โ โ โ โ โข Interface up/up? โ โ โ โ โข No errors? โ โ โ โ If NO โ Check cable, replace cable, check remote device โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ โ โผ โ โ Check VLAN โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Port in correct VLAN? โ โ โ โ โข VLAN exists? โ โ โ โ If NO โ Configure VLAN, assign port โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ โ โผ โ โ Check trunk (if applicable) โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Trunk established? โ โ โ โ โข Native VLAN matches? โ โ โ โ โข Allowed VLANs include correct VLANs? โ โ โ โ If NO โ Fix trunk configuration โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ โ โผ โ โ Check STP โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Port in forwarding state? โ โ โ โ โข Root bridge correct? โ โ โ โ If NO โ Check STP configuration, verify root bridge โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ โ โผ โ โ Check port security โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข Port in errdisable? โ โ โ โ โข Security violation? โ โ โ โ If YES โ Clear errdisable, fix violation โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ โ โผ โ โ Check EtherChannel (if applicable) โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โข All ports in channel? โ โ โ โ โข No suspended ports? โ โ โ โ If NO โ Fix configuration mismatch โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ โ โ โ โผ โ โ PROBLEM SOLVED โ โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ ``` --- ## ๐ง Complete Configuration Examples ### Lab 1: Troubleshooting Interface Issues ```cisco ! Step 1: Check interface status show ip interface brief ! Step 2: Check detailed statistics show interfaces gigabitEthernet 0/1 ! Step 3: Check for errors show interfaces gigabitEthernet 0/1 | include errors|crc|collisions ! Step 4: Check duplex/speed show interfaces gigabitEthernet 0/1 | include duplex|speed ! Step 5: If errors found, reset interface interface gigabitEthernet 0/1 shutdown no shutdown ``` --- ### Lab 2: Troubleshooting VLAN/Trunk Issues ```cisco ! Step 1: Check VLAN assignments show vlan brief ! Step 2: Check trunk status show interfaces trunk ! Step 3: Check native VLAN show interfaces trunk | include Native ! Step 4: Check allowed VLANs show interfaces trunk | include allowed ! Step 5: Verify port configuration show interfaces gigabitEthernet 0/24 switchport ``` --- ### Lab 3: Troubleshooting STP Issues ```cisco ! Step 1: Check STP status show spanning-tree ! Step 2: Identify root bridge show spanning-tree root ! Step 3: Check blocked ports show spanning-tree | include BLK ! Step 4: Check specific interface show spanning-tree interface gigabitEthernet 0/3 ! Step 5: Verify BPDU guard (if configured) show spanning-tree interface gigabitEthernet 0/1 | include guard ``` --- ### Lab 4: Troubleshooting EtherChannel ```cisco ! Step 1: Check EtherChannel summary show etherchannel summary ! Step 2: Identify suspended ports show etherchannel summary | include s ! Step 3: Check port details show etherchannel 1 detail ! Step 4: Check port configuration mismatch show running-config interface range gigabitEthernet 0/1-4 ! Step 5: Verify LACP/PAgP status show lacp neighbor show pagp neighbor ``` --- ### Lab 5: Troubleshooting Port Security ```cisco ! Step 1: Check port security status show port-security ! Step 2: Check specific interface show port-security interface fastEthernet 0/1 ! Step 3: Check errdisable ports show interfaces status | include errdisable ! Step 4: Clear errdisable port clear errdisable interface fastEthernet 0/1 ! Step 5: Re-enable port interface fastEthernet 0/1 shutdown no shutdown ``` --- ## โ Exam Tips (For CCNA 200-301) | Topic | What Cisco Tests | |-------|------------------| | **Interface Status** | Interpret `show ip interface brief`, `show interfaces` | | **Duplex/Speed** | Identify mismatch from collision counts | | **VLAN** | Verify correct VLAN assignment, trunk configuration | | **STP** | Interpret port roles, root bridge election | | **EtherChannel** | Identify bundling issues, suspended ports | | **Port Security** | Interpret errdisable, violation modes | | **Troubleshooting** | Systematic approach to isolate issues | ### Common Exam Scenarios: **Scenario 1:** "A switch port shows 'up/down'. What is the most likely issue?" - **Answer:** Physical layer is up, but data link layer is down (VLAN mismatch, trunk issue) **Scenario 2:** "High collision counts on an interface indicate what problem?" - **Answer:** Duplex mismatch (one side half-duplex, other full-duplex) **Scenario 3:** "A port in EtherChannel shows 's' (suspended). What is the cause?" - **Answer:** Configuration mismatch (speed, duplex, VLAN) between ports --- ## ๐ Summary (1-Minute Revision) ``` SWITCHING TROUBLESHOOTING: INTERFACE STATUS: โโโ up/up: Working โโโ up/down: Layer 2 issue (VLAN, trunk) โโโ down/down: Physical issue (cable) โโโ administratively down: Shut down โโโ errdisable: Security violation ERROR INDICATORS: โโโ CRC errors: Bad cable, duplex mismatch โโโ Collisions: Duplex mismatch, congestion โโโ Runts/Giants: Faulty NIC, MTU issues โโโ Input errors: Cable problems VLAN/TRUNK: โโโ show vlan brief - VLAN assignment โโโ show interfaces trunk - Trunk status โโโ show interfaces switchport - Port config โโโ Check native VLAN, allowed VLANs STP: โโโ show spanning-tree - Root bridge, port roles โโโ show spanning-tree root - Root identification โโโ Check blocked ports (BLK) โโโ Verify root bridge selection ETHERCHANNEL: โโโ show etherchannel summary - Bundle status โโโ P - in channel, I - stand-alone, s - suspended โโโ Check speed, duplex, VLAN match โโโ Verify protocol (LACP/PAgP) matches PORT SECURITY: โโโ show port-security - Overall status โโโ show port-security interface - Port details โโโ show interfaces status | include errdisable โโโ clear errdisable interface [int] VERIFICATION COMMANDS: โโโ show ip interface brief โโโ show interfaces โโโ show vlan brief โโโ show spanning-tree โโโ show etherchannel summary โโโ show port-security โโโ show errdisable recovery ``` --- ## ๐งช Practice Questions **1. What does a "up/down" interface status indicate?** - A) Physical layer down - B) Physical layer up, data link layer down - C) Interface administratively down - D) Interface working normally <details> <summary>Answer</summary> <b>B) Physical layer up, data link layer down</b> - Layer 1 is good, Layer 2 has issues. </details> **2. High collision counts on an interface typically indicate what problem?** - A) Bad cable - B) Duplex mismatch - C) VLAN mismatch - D) STP loop <details> <summary>Answer</summary> <b>B) Duplex mismatch</b> - One side half-duplex, other full-duplex causes collisions. </details> **3. Which command displays trunk status on a switch?** - A) `show vlan brief` - B) `show interfaces trunk` - C) `show trunk` - D) `show interfaces switchport` <details> <summary>Answer</summary> <b>B) `show interfaces trunk`</b> - Displays trunk ports and allowed VLANs. </details> **4. What does a port with "s" in EtherChannel summary indicate?** - A) Port is in channel - B) Port is suspended - C) Port is stand-alone - D) Port is hot-standby <details> <summary>Answer</summary> <b>B) Port is suspended</b> - Configuration mismatch, not passing traffic. </details> **5. Which command clears an errdisabled port?** - A) `no shutdown` - B) `clear errdisable` - C) `clear errdisable interface` - D) Both A and C <details> <summary>Answer</summary> <b>D) Both A and C</b> - `clear errdisable interface` or `shutdown/no shutdown` works. </details> **6. A switch port shows "errdisable". What is the most likely cause?** - A) Cable disconnected - B) Port security violation - C) Duplex mismatch - D) VLAN mismatch <details> <summary>Answer</summary> <b>B) Port security violation</b> - Errdisable is often caused by security violations. </details> **7. Which command displays the root bridge for all VLANs?** - A) `show spanning-tree` - B) `show spanning-tree root` - C) `show root` - D) `show vtp status` <details> <summary>Answer</summary> <b>B) `show spanning-tree root`</b> - Shows root bridge information for each VLAN. </details> **8. What does a port role of "Altn" in STP indicate?** - A) Designated port - B) Root port - C) Alternate port (blocked) - D) Backup port <details> <summary>Answer</summary> <b>C) Alternate port (blocked)</b> - Alternate port is blocked, ready to become root port if needed. </details> **9. Which command shows CRC errors on an interface?** - A) `show interfaces` - B) `show ip interface brief` - C) `show running-config` - D) `show vlan` <details> <summary>Answer</summary> <b>A) `show interfaces`</b> - Displays CRC errors and other interface statistics. </details> **10. A device in VLAN 10 cannot communicate with another device in VLAN 10 on the same switch. What is the most likely issue?** - A) Trunk not configured - B) Native VLAN mismatch - C) VLAN 10 not created or ports not assigned - D) STP blocking <details> <summary>Answer</summary> <b>C) VLAN 10 not created or ports not assigned</b> - Check VLAN existence and port assignment. </details> **11. What does "native VLAN mismatch" cause?** - A) No traffic on trunk - B) CDP errors and traffic issues - C) Port security violation - D) Duplex mismatch <details> <summary>Answer</summary> <b>B) CDP errors and traffic issues</b> - Native VLAN mismatch causes CDP error messages. </details> **12. Which command identifies a duplicate MAC address in the network?** - A) `show mac address-table` - B) `show interfaces` - C) `show vlan` - D) `show running-config` <details> <summary>Answer</summary> <b>A) `show mac address-table`</b> - Shows MAC addresses and learned ports; flapping indicates duplicate. </details> --- ## ๐ Next Steps After completing Video 52, you should be ready for: - **Video 53:** Troubleshooting Routing Issues - **Video 54:** Troubleshooting WAN Issues **Lab Practice:** 1. Create interface issues (shutdown, errors) and troubleshoot 2. Create VLAN/trunk issues and fix 3. Change root bridge and observe STP changes 4. Create EtherChannel with mismatched configs 5. Trigger port security violations and recover --- **Ready for Video 53?** Share the link or say "next" and I'll continue with Troubleshooting Routing Issues. I'll continue with **Video 53: Troubleshooting Routing Issues** based on the standard CCNA 200-301 curriculum. ---