CCNP TSHOOT Chapter 4 Lab 4-2, Mixed Layer 2-3 Connectivity (Version 7)

Physical Topology

Logical Topology

Objectives

  • Load the trouble ticket device configuration files for each trouble ticket.
  • Diagnose and resolve problems related to switch virtual interfaces and multilayer switching.
  • Diagnose and resolve problems related to First Hop Redundancy Protocols.
  • Document troubleshooting progress, configuration changes, and problem resolution.

Background

Multilayer switches have the capability to act as routers by way of switch virtual interfaces (SVIs), routed interfaces, and routing protocols. SVIs are Layer 3 logical interfaces representing VLANs and routed ports are Layer 3 physical interfaces. Multilayer switches are frequently used as part of the LAN switch fabric and can be configured with a First Hop Redundancy Protocol (FHRP). Two or more Layer 3 switches (or routers) can provide redundant paths to the network edge for local hosts. A host is configured with a virtual default gateway address. If one of the gateways goes down, the other can take over for the client without the client’s knowledge. FHRPs used in CCNPv7.0 are Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP).

In this lab, you will troubleshoot problems related to Layer 3 switching and FHRPs. For each task or trouble ticket, the scenario and problem symptoms are described. While troubleshooting, you will discover the cause of the problem, correct it, and then document the process and results.

Physical and Logical Topology Diagrams

The physical and logical topologies, including interface designations and IPv4/IPv6 addresses, are provided to assist the troubleshooting effort.

Note: This lab uses Cisco ISR G2 routers running Cisco IOS 15.4(3) images with IP Base and Security packages enabled, and Cisco Catalyst 3560 and 2960 switches running Cisco IOS 15.0(2) IP Services and LAN Base images, respectively. The 3560 and 2960 switches are configured with the SDM templates dual-ipv4-and-ipv6 routing and lanbase-routing, respectively. Depending on the router or switch model and Cisco IOS Software version, the commands available and output produced might vary from what is shown in this lab. Any changes made to the baseline configurations or topology (other than errors introduced) are noted in the trouble ticket so that you are aware of them prior to beginning the troubleshooting process.

Required Resources

  • 3 routers (Cisco IOS Release 15.4 or comparable)
  • 2 multilayer switches and 1 access layer switch (Cisco IOS Release 15.0(2) or comparable with Fast Ethernet interfaces)
  • SRV1 (PC with static IP address): Windows 7 with RADIUS, TFTP, and syslog servers, plus an SSH client and WireShark software
  • PC-B (DHCP client): Windows 7 with SSH client and WireShark software
  • PC-C (DHCP client): Windows 7 with SSH client and WireShark software
  • Serial and Ethernet cables, as shown in the topology

Task 1: Trouble Ticket Lab 4-2 TT-A

Step 1: Review trouble ticket Lab 4-2 TT-A.

During last Friday’s maintenance window, a series of failover tests at headquarters and the branch offices were executed. It was discovered during a reboot of switch DLS1 that connectivity between clients in OFFICE VLAN 120 and the Internet was lost. After router DLS1 came back online, the clients regained connectivity. This was not the expected behavior, because the network provides gateway first-hop redundancy for clients in the OFFICE VLAN to ensure correct failover during outages: If one of the HSRP switches fails, the hosts on the OFFICE VLAN should still be able to access the Internet (by pinging R2 Lo1 2.2.2.2 during the outage).

Step 2: Load the device trouble ticket configuration files for TT-A.

Using the procedure described in the BASE Lab, verify that the lab configuration files are present in flash. Load the proper configuration files indicated in the Device Configuration File Table.

Note: You can test the simulated Internet access by opening a browser and entering the IP address of the R2 Lo1 interface 2.2.2.2. You will be prompted for a username and password. You can gain access to the router GUI management interface by entering username cisco and the enable password cisco.

Device Configuration File Table

Device Name File to Load Notes
ALS1 Lab42-ALS1-TT-A-Cfg.txt
DLS1 Lab42-DLS1-TT-A-Cfg.txt
DLS2 Lab42-DLS2-TT-A-Cfg.txt
R1 Lab42-R1-TT-A-Cfg.txt
R2 Lab42-R2-TT-A-Cfg.txt
R3 Lab42-R3-TT-A-Cfg.txt
SRV1 N/A Static IP: 10.1.100.1 and 2001:DB8:CAFE:100::1
Default gateway: 10.1.100.254/24 and 2001:DB8:CAFE:100::D1/64
PC-B N/A DHCP (release and renew for IPv4 and IPv6 after loading device configurations)
PC-C N/A DHCP (release and renew for IPv4 and IPv6 after loading device configurations)

Step 3: Configure SRV1 and start the syslog and TFTP servers.

a. Ensure that SRV1 has the static IP address 10.1.100.1 and default gateway 10.1.100.254.
b. Start the syslog server on SRV1, which is the syslog server for the entire network. When the network is properly configured, all devices send syslog messages to SRV1.
c. Start the TFTP server on SRV1, which is the archive server for the entire network. When the network is properly configured, all devices send archives of their running configurations to this server whenever the running config is copied to the startup config. Ensure that the default TFTP directory on SRV1 is set to the directory where you want to store the archives.

Step 4: Release and renew the DHCP leases on PC-B and PC-C.

a. Ensure that PC-B and PC-C are configured as DHCP clients.
b. After loading all TT-A device configuration files, issue the ipconfig/release and ipconfig/renew commands on PC-B and PC-C. You might need to repeat this process after the TT problems have been resolved.

Note: Problems introduced into the network by the trouble ticket might prevent one or both of the PCs from acquiring an IP address. Do not assign either PC a static address.

Step 5: Outline the troubleshooting approach and validation steps.

Use this space to identify your troubleshooting approach and the key steps to verify that the problem is resolved. Troubleshooting approaches to select from include the follow-the-path, perform-comparison, bottom-up, top-down, divide-and-conquer, shoot-from-the-hip, and swap-components (move-the-problem) methods.

Note: In addition to a specific approach, you can use the generic troubleshooting process: defining a problem, gathering information, analyzing the information, eliminating possible problem causes, formulating a hypothesis about the likely cause of the problem, testing that hypothesis, and solving the problem.
__________________________________________________________________

Step 6: Record the troubleshooting process and configuration changes.

Use this log to document your actions and results during the troubleshooting process. List the commands you used to gather information. As you progress, record your thoughts as to what you think the problem might be and which actions you take to correct the problem.

Device Actions and Results

Step 7: Document trouble ticket debrief notes.

Use this space to make notes of the key learning points that you picked up during the discussion of this trouble ticket with your instructor. The notes can include problems encountered, solutions applied, and useful commands employed. It can also include alternate solutions, methods, and procedures and communication improvements.
__________________________________________________________________

Task 2: Trouble Ticket Lab 4-2 TT-B

Step 1: Review trouble ticket Lab 4-2 TT-B.

Upon arriving at the office this morning, you find the following ticket in the system:

Switch ALS1 has been showing CRC errors on a group of eight ports for several days. It was suspected that hardware was the cause. During yesterday evening’s maintenance window, the switch was replaced with a similar switch from the lab. After this replacement, clients could connect, and no errors were shown on the ports. However, making a backup of the ALS1 configuration to server SRV1 did not work, and no syslog messages from ALS1 are being received by SRV1. The switch is not reachable via SSH from server SRV1. There was no time for further research yesterday so, because there is no impact to users, it was decided to leave the switch and pick up this issue the next day.

Your task is to diagnose the issue and restore connectivity between switch ALS1 and server SRV1. After resolving the problem, make a backup of the configuration to server SRV1.

Step 2: Load the device trouble ticket configuration files for TT-B.

Load the proper configuration files indicated in the Device Configuration File Table.

Note: The following device access methods are in effect after loading the configuration files:

  • • Console access requires no username or password.
  • • SSH requires the username admin and password cisco.
  • • The enable password is cisco.

Device Configuration File Table

Device Name File to Load Notes
ALS1 Lab42-ALS1-TT-B-Cfg.txt
DLS1 Lab42-DLS1-TT-B-Cfg.txt
DLS2 Lab42-DLS2-TT-B-Cfg.txt
R1 Lab42-R1-TT-B-Cfg.txt
R2 Lab42-R2-TT-B-Cfg.txt
R3 Lab42-R3-TT-B-Cfg.txt
SRV1 N/A Static IP: 10.1.100.1 and 2001:DB8:CAFE:100::1
Default gateway: 10.1.100.254/24 and 2001:DB8:CAFE:100::D1/64
PC-B N/A DHCP (release and renew for IPv4 and IPv6 after loading device configurations)
PC-C N/A DHCP (release and renew for IPv4 and IPv6 after loading device configurations)

Step 3: Configure SRV1 and start the syslog and TFTP servers, as described in Task 1.

Step 4: Release and renew the DHCP leases on PC-B and PC-C, as described in Task 1.

Step 5: Outline the troubleshooting approach and validation steps.

Use this space to identify your troubleshooting approach and the key steps to verify that the problem is resolved. Troubleshooting approaches to select from include follow-the-path, perform-comparison, bottom-up, top-down, divide-and-conquer, shoot-from-the-hip, and swap-components (move-the-problem) methods.

Note: In addition to a specific approach, you can use the generic troubleshooting process.
___________________________________________________________________

Step 6: Record the troubleshooting process and configuration changes.

Use this log to document your actions and results during the troubleshooting process. List the commands you used to gather information. As you progress, record your thoughts as to what you think the problem might be and which actions you take to correct the problem.

Device Actions and Results

Step 7: Document trouble ticket debrief notes.

Use this space to make notes of the key learning points that you picked up during the discussion of this trouble ticket with your instructor. The notes can include problems encountered, solutions applied, useful commands employed, alternate solutions, methods and processes, and procedure and communication improvements.
___________________________________________________________________

Task 3: Trouble Ticket Lab 4-2 TT-C

Step 1: Review trouble ticket Lab 4-2 TT-C.

Mary performed a password recovery on ALS1 last night after hours so that no users would be affected. This morning no trouble tickets were posted and apparently employees have normal network access. You went to reconfigure a switch port on ALS1 to the OFFICE VLAN for a new cubicle, but ping, Telnet, and SSH to ALS1 via IPv4 are failing from the ISP management station at 10.1.202.1. You can ping ALS1 interfaces using IPv6. You try to SSH via IPv6, but you get the message % Connection refused by remote host; you then recall baseline policy dictates ALS1 to have an IPv6 ACL applied to its vty lines to prevent IPv6 access.

You check the logs on SRV1 and notice that all network devices indicate periodic entries from this morning, except ALS1. You can SSH into DLS1 and DLS2, which have networks in common with ALS1; with this workaround you try to SSH from SVI 99 on DLS1 directly to SVI 99 on ALS1. But Mary changed the account information for remote access on ALS1! You have no option but to console into ALS1 to troubleshoot – fortunately you still have console access. Your task is to reestablish remote access functionality to ALS1 via IPv4 from the ISP management station and reestablish logging to SRV1 from ALS1.

Step 2: Load the device trouble ticket configuration files for TT-C.

Load the proper configuration files indicated in the Device Configuration File Table.

Device Configuration File Table

Device Name File to Load Notes
ALS1 Lab42-ALS1-TT-C-Cfg.txt
DLS1 Lab42-DLS1-TT-C-Cfg.txt
DLS2 Lab42-DLS2-TT-C-Cfg.txt
R1 Lab42-R1-TT-C-Cfg.txt
R2 Lab42-R2-TT-C-Cfg.txt
R3 Lab42-R3-TT-C-Cfg.txt
SRV1 N/A Static IP: 10.1.100.1 and 2001:DB8:CAFE:100::1
Default gateway: 10.1.100.254/24 and 2001:DB8:CAFE:100::D1/64
PC-B N/A DHCP (release and renew for IPv4 and IPv6 after loading device configurations)
PC-C N/A DHCP (release and renew for IPv4 and IPv6 after loading device configurations)

Step 3: Configure SRV1 and start the syslog and TFTP servers, as described in Task 1.

Step 4: Release and renew the DHCP leases on PC-B and PC-C, as described in Task 1.

Step 5: Outline the troubleshooting approach and validation steps.

Use this space to identify your troubleshooting approach and the key steps to verify that the problem is resolved. Troubleshooting approaches to select from include follow-the-path, perform-comparison, bottom-up, top-down, divide-and-conquer, shoot-from-the-hip, and swap-components (move-the-problem) methods.

Note: In addition to a specific approach, you can use the generic troubleshooting process.
____________________________________________________________________

Step 6: Record the troubleshooting process and configuration changes.

Use this log to document your actions and results during the troubleshooting process. List the commands you used to gather information. As you progress, record your thoughts as to what you think the problem might be and which actions you take to correct the problem.

Device Actions and Results

Step 7: Document trouble ticket debrief notes.

Use this space to make notes of the key learning points that you picked up during the discussion of this trouble ticket with your instructor. The notes can include problems encountered, solutions applied, and useful commands employed. It can also include alternate solutions, methods, and procedures and communication improvements.
_____________________________________________________________________

Task 4: Trouble Ticket Lab 4-2 TT-D

Step 1: Review trouble ticket Lab 4-2 TT-D.

You assigned John the task of securing the HSRP implementation with MD5 authentication on the SERVERS VLAN. After John completes the task, initial reports are promising, but turn out to be premature. Some company guests are complaining about intermittent server access that seems to correlate with the HSRP authentication changes. Your task is to review and verify the implementation of HSRP and fix any issues that remain.

Step 2: Load the device trouble ticket configuration files for TT-D.

Load the proper configuration files indicated in the Device Configuration File Table.

Device Configuration File Table

Device Name File to Load Notes
ALS1 Lab42-ALS1-TT-D-Cfg.txt
DLS1 Lab42-DLS1-TT-D-Cfg.txt
DLS2 Lab42-DLS2-TT-D-Cfg.txt
R1 Lab42-R1-TT-D-Cfg.txt
R2 Lab42-R2-TT-D-Cfg.txt
R3 Lab42-R3-TT-D-Cfg.txt
SRV1 N/A Static IP: 10.1.100.1 and 2001:DB8:CAFE:100::1
Default gateway: 10.1.100.254/24 and 2001:DB8:CAFE:100::D1/64
PC-B N/A DHCP (release and renew for IPv4 and IPv6 after loading device configurations)
PC-C N/A DHCP (release and renew for IPv4 and IPv6 after loading device configurations)

Step 3: Configure SRV1 and start the syslog and TFTP servers, as described in Task 1.

Step 4: Release and renew the DHCP leases on PC-B and PC-C, as described in Task 1.

Step 5: Simulate traffic load from PC-C to SRV1.

Simulate server traffic load from company guests: Enter the user EXEC mode commands ttcp receive on R1 and ttcp transmit 10.1.2.2 on R3. Leave it running until the ticket is resolved.

Note: An alternative is to enter ping -t -l 19000 10.1.100.1 on PC-C, to simulate server traffic load on VLAN 100 – antivirus and firewall software may need to be disabled on some PCs to permit this command.

Step 6: Outline the troubleshooting approach and validation steps.

Use this space to identify your troubleshooting approach and the key steps to verify that the problem is resolved. Troubleshooting approaches to select from include follow-the-path, perform-comparison, bottom-up, top-down, divide-and-conquer, shoot-from-the-hip, and swap-components (move-the-problem) methods.

Note: In addition to a specific approach, you can use the generic troubleshooting process.
____________________________________________________________________

Step 7: Record the troubleshooting process and configuration changes.

Use this log to document your actions and results during the troubleshooting process. List the commands you used to gather information. As you progress, record your thoughts as to what you think the problem might be and which actions you take to correct the problem.

Note: You might need to issue the ipconfig /release and ipconfig /renew commands on DHCP clients after the network device problems are resolved.

Device Actions and Results

Step 8: Document trouble ticket debrief notes.

Use this space to make notes of the key learning points that you picked up during the discussion of this trouble ticket with your instructor. The notes can include problems encountered, solutions applied, and useful commands employed. It can also include alternate solutions, methods, and procedures and communication improvements.
_________________________________________________________________


guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x