Cisco
Nota
Checagem da interface Wan - Análise de perda de pacotes, incremento de erro ou quedas recentes.
1. Comandos Básicos Router Cisco
Router IP: 192.168.131.108 x 192.172.100.102:
TESTRO0075# clear counter int GigabitEhternet0/1
TESTRO0075# ping 192.172.100.102 size 1500 repeat 1000 df-bit (escape sequence to abort: 'press ctrl + shift + 6' simultainiously)
Type escape sequence to abort.
Sending 1000, 1500-byte ICMP Echos to 192.172.100.102, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (2162/2268), round-trip min/avg/max = 40/58/224 ms
TESTRO0075# show int description
TESTRO0075# show ip int brief
TESTRO0075# show int GigabitEhternet0/1
TESTRO0075# show logging | include GigabitEhternet0/1
TESTRO0075# show standby brief
TESTRO0075# show standby (hscp - hot stanby cisco protocol)
TESTRO0075# show int GigabitEhternet0/1 | in up | drops
TESTRO0075# show int summ
TESTRO0075# show run int GigabitEthernet0/1
TESTRO0075# show int | i CRC
TESTRO0075# show ver | i uptime
TESTRO0001# show clock
Acesso ao equipamento TESTRO0001 com incremento de erro na interface operadora.
Router IP: 192.172.100.101 x 192.172.100.102:
TESTRO0001# clear counter int FastEthernet0/1
TESTRO0001# ping 192.172.100.102 size 1500 repeat 1000 df-bit (escape sequence to abort: 'press ctrl + shift + 6' simultainiously)
Type escape sequence to abort.
Sending 1000, 1500-byte ICMP Echos to 192.172.100.102, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (2162/2268), round-trip min/avg/max = 40/58/224 ms
TESTRO0001# show int description
TESTRO0001# show ip int brief
TESTRO0001# show standby brief
TESTRO0001# show standby
TESTRO0001# show int FastEthernet0/1
TESTRO0001# show int FastEthernet0/1 | in up | drops
TESTRO0001# show int summ
TESTRO0001# show run int FastEthernet0/1
TESTRO0001# show int | i CRC
TESTRO0001# show ver | i uptime
TESTRO0001# show clock
2. Comandos Básicos Switch Cisco SG 300-20
Nota
A máquina com o mac f8:0f:41:35:17:22 do setor fac-símiles, não se encontra na vlan abacaxi. Portanto será necessário mudar para a vlan correta que é 10.221.60.0/24 (vlan id 17).
Sabendo quais os dados da vlan correta através do switch core, acesse o sw de acesso:
MARSUPIAL-SW06# show vlan
Vlan Name Ports Type Authorization
---- ----------------- --------------------------- ------------ -------------
1 1 gi20,Po1-8 Default Required
17 CATCHUP-DADOS gi20 permanent Required
58 GERAL-DADOS gi1-4,gi5,gi7-11,gi13-15, permanent Required
gi17-20
60 ABACAXI-DADOS gi6,gi12,gi16,gi20 permanent Required
144 CATCHUP-VOZ gi20 permanent Required
561 GERENCIA-SW gi20 permanent Required
MARSUPIAL-SW06# show int conf gi4
Flow Admin Back Mdix
Port Type Duplex Speed Neg control State Pressure Mode
-------- ------------ ------ ----- -------- ------- ----- -------- ----
gi4 1G-Copper Full 1000 Enabled Off Up Disabled Auto
Preste muita atenção ao entrar no modo de configuração:
MARSUPIAL-SW06# conf t
MARSUPIAL-SW06(config)# int gi4
MARSUPIAL-SW06(config-if)# switchport mode access
MARSUPIAL-SW06(config-if)# switchport access vlan 17
MARSUPIAL-SW06(config-if)# no shut
MARSUPIAL-SW06(config-if)# end
Vamos verificar as alterações e coletar as evidências:
MARSUPIAL-SW06# show vlan
Vlan Name Ports Type Authorization
---- ----------------- --------------------------- ------------ -------------
1 1 gi20,Po1-8 Default Required
17 CATCHUP-DADOS gi4,gi20 permanent Required
58 GERAL-DADOS gi1-3,gi5,gi7-11,gi13-15, permanent Required
gi17-20
60 ABACAXI-DADOS gi6,gi12,gi16,gi20 permanent Required
144 CATCHUP-VOZ gi20 permanent Required
561 GERENCIA-SW gi20 permanent Required
MARSUPIAL-SW06# show int switchport gi4
Port : gi4
Port Mode: Access
Gvrp Status: disabled
Ingress Filtering: true
Acceptable Frame Type: admitAll
Ingress UnTagged VLAN ( NATIVE ): 17
Port is member in:
Vlan Name Egress rule Port Membership Type
---- -------------------------------- ----------- --------------------
17 CATCHUP-DADOS Untagged Static
MARSUPIAL-SW06# show run int Gi4
interface gigabitethernet4
storm-control broadcast enable
storm-control broadcast level kbps 20
storm-control include-multicast unknown-unicast
spanning-tree bpduguard enable
switchport mode access
switchport access vlan 17
MARSUPIAL-SW06# show int desc
Port Description
------- -----------
gi1
gi2
gi3
gi4
gi5
gi6
gi7
gi8
gi9
gi10
gi11
gi12
gi13
gi14
gi15
gi16
gi17
gi18
gi19
gi20
Ch Description
------- -----------
Po1
Po2
Po3
Po4
Po5
Po6
Po7
Po8
3. Comandos Básicos Switch Cisco ME-C3750-24TE (PowerPC405)
Nota
O switch Cisco ME-C3750-24TE será nosso SW Core e os SW de acesso será o Nortel Routing Switch 4550T-PWR.
Favor realizar identificação da porta do switch que está ligado a estação (MAC: 00-1b-4f-75-39-82), porém essa máquina não pega IP. Se possível, favor alterar para vlan 133:
KINGTUT-01> show mac-address-table address 00-1b-4f-75-39-82
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
29 001b.4f75.3982 DYNAMIC Fa1/0/18
Total Mac Addresses for this criterion: 1
KINGTUT-01> show interfaces Fa1/0/18
FastEthernet1/0/18 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is ec44.7630.fe94 (bia ec44.7630.fe94)
Description: The 13th floor SW 192.168.133.4
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 6/255, rxload 2/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is 10/100BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:09, output 00:00:00, output hang never
Last clearing of "show interface" counters 29w6d
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 971000 bits/sec, 504 packets/sec
5 minute output rate 2366000 bits/sec, 662 packets/sec
6463274408 packets input, 1896886174888 bytes, 0 no buffer
Received 15512997 broadcasts (0 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 10463928 multicast, 0 pause input
0 input packets with dribble condition detected
9994720872 packets output, 6110735013726 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
KINGTUT-01# show run int Fa1/0/18
Building configuration...
Current configuration : 269 bytes
!
interface FastEthernet1/0/18
description 13th floor SW 192.168.133.4
switchport trunk encapsulation dot1q
switchport trunk native vlan 133
switchport trunk allowed vlan 23-29,45,47,133,134
switchport mode trunk
switchport voice vlan 29
spanning-tree portfast
end
Acessar o switch de acesso 192.168.133.4 e verificar o MAC 00-1b-4f-75-39-82:
TimeCrystal# show mac-address-table address 00:1b:4f:75:39:82
Mac Address Table Aging Time: 300
Learning Enabled Ports ALL
Number of addresses: 1
MAC Address Vid Type Source
----------------- ---- ------- --------------
00-1B-4F-75-39-82 29 Dynamic Port:33
TimeCrystal# show vlan interface vid 33
Port VLAN VLAN Name VLAN VLAN Name VLAN VLAN Name
---- ---- ---------------- ---- ---------------- ---- ----------------
33 23 VLAN23-DADOS 24 VLAN24-DADOS 25 VLAN25-VOZ
26 VLAN26-VOZ 27 VLAN27-VOZ 28 VLAN28-DADOS
29 VLAN-29-Voz 45 VLAN45-DADOS 47 VLAN47-VOZ
133 VLAN-133-Dados 134 VLAN134-DADOS
---- ---- ---------------- ---- ---------------- ---- ----------------
Agora vamos apenas alterar para Vlan 133:
TimeCrystal(config)# vlan ports 33 pvid 133
TimeCrystal(config)# save conf
TimeCrystal(config)# exit
TimeCrystal# show vlan interface info 33
Filter Filter
Untagged Unregistered
Port Frames Frames PVID PRI Tagging Name
---- -------- ------------ ---- --- ------------- ----------------
33 No Yes 133 0 UntagPvidOnly Port 33
3. Troubleshooting - Queda de conexão com a rede voz - Router Switch Cisco C9404R IGMP
Eis o alerta vermelho..: - Prezados do conselho deliberativo da TI, precisamos de máximo apoio com relação a solicitação do cliente: XYZ. O pedido é: - “Verificar a rede até a estação do atendente”.
Foi constatado incontáveis erros de ping contra servidores Avaya. (Aprox. às 11h40hs da manhã, houve surtos na comunicação entre cliente e servidor, os quais geraram um conjunto maior de erros de ping. Sendo assim, precisamos que verifiquem especificamente a estação de trabalho cujo IP é 10.0.12.152.
Vale lembrar que tal incidente, tem potencial para gerar crise e virar um grande problema: - O erro é relacionado ao login do insólito operador na aplicação do mal softwarephone of hell, onde o operador loga e após um determinado tempo (em torno de 6 a 8 ligações) ocorre os erros: Logoff inesperado + comunicação com o servidor imediatamente é perdida. A aplicação fecha abruptamente, deslogando o usuário do sistema. Deve-se frisar que isso não ocorre nas outras máquinas da mesma rede. É algo pontual e afeta apenas uma máquina.
Vamos iniciar a coleta das evidências para montar nosso laudo técnico. Estação IP é 10.0.12.152 e Mac d0-94-66-b1-90-e5.
Acesso Core:
CAATINGA01# show mac address-table address d0:94:66:b1:90:e5
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
120 d094.66b1.90e5 DYNAMIC Po1
Total Mac Addresses for this criterion: 1
CAATINGA01# sh int Po1
Port-channel1 is up, line protocol is up (connected)
Hardware is EtherChannel, address is d4c9.3c81.a30c (bia d4c9.3c81.a30c)
Description: ESCOLTA_2B_10.255.10.4
MTU 9198 bytes, BW 2000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, link type is auto, media type is N/A
input flow-control is off, output flow-control is unsupported
Members in this channel: Gi1/1/0/1 Gi2/1/0/1
ARP type: ARPA, ARP Timeout 04:00:00
Last input 1d02h, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 8927
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 47000 bits/sec, 32 packets/sec
5 minute output rate 47000 bits/sec, 29 packets/sec
1385339740 packets input, 177768658761 bytes, 0 no buffer
Received 9129816 broadcasts (7769398 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 7769398 multicast, 0 pause input
0 input packets with dribble condition detected
596842574 packets output, 281113115957 bytes, 0 underruns
0 output errors, 0 collisions, 6 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
CAATINGA01# show int Po1 capabilities
Port-channel1
Model: Unknown PID
Type: 10/100/1000BaseTX
Speed: 10,100,1000,auto
Duplex: full,half,auto
Trunk encap. type: 802.1Q
Trunk mode: on,off,desirable,nonegotiate
Channel: no
Broadcast suppression: no
Unicast suppression: no
Multicast suppression: no
Flowcontrol: rx-(off,on,desired),tx-(none)
Fast Start: no
QoS scheduling: no
CoS rewrite: no
ToS rewrite: no
UDLD: no
Inline power: no
SPAN: source
PortSecure: no
Dot1x: no
Diagnostic Monitoring: N/A
CAATINGA01# show run int po1
Building configuration...
Current configuration : 176 bytes
!
interface Port-channel1
description ESCOLTA_2B_10.255.10.4
switchport trunk native vlan 255
switchport trunk allowed vlan 110,120,121,255
switchport mode trunk
end
CAATINGA01# show etherchannel 1 summary
Number of channel-groups in use: 11
Number of aggregators: 11
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Gi1/1/0/1(P) Gi2/1/0/1(P)
CAATINGA01# show etherchannel port-channel
Channel-group listing:
----------------------
Group: 1
----------
Port-channels in the group:
---------------------------
Port-channel: Po1 (Primary Aggregator)
------------
Age of the Port-channel = 108d:14h:11m:46s
Logical slot/port = 30/1 Number of ports = 2
HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = LACP
Port security = Disabled
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Gi1/1/0/1 Active 0
0 00 Gi2/1/0/1 Active 0
Time since last port bundled: 24d:14h:03m:00s Gi1/1/0/1
Time since last port Un-bundled: 24d:14h:10m:37s Gi1/1/0/1
CAATINGA01# show int Gi2/1/0/1 controller | i up
GigabitEthernet2/1/0/1 is up, line protocol is up (connected)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
CAATINGA01# show int Gi2/1/0/2 controller | i up
GigabitEthernet2/1/0/2 is up, line protocol is up (connected)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
CAATINGA01# show int Gi2/1/0/1 controller | i drop
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 7456
0 unknown protocol drops
0 Gold frames dropped 0 FcsErr frames
CAATINGA01# show int Gi2/1/0/2 controller | i drop
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 2420
0 unknown protocol drops
0 Gold frames dropped 0 FcsErr frames
CAATINGA01# show int Gi2/1/0/1 controller | i Defer
7456 Excess Defer frames 0 Collision fragments
0 Deferred frames 0 ValidOverSize frames
CAATINGA01# how int Gi2/1/0/2 controller | i Defer
2420 Excess Defer frames 0 Collision fragments
0 Deferred frames 0 ValidOverSize frames
CAATINGA01# sh int Po1 | i CRC
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
CAATINGA01# sh int Po1 | in up | drops
Port-channel1 is up, line protocol is up (connected)
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 8927
0 unknown protocol drops
CAATINGA01# ping 10.255.10.4 size 1500 repeat 1000 df-bit
Type escape sequence to abort.
Sending 1000, 1500-byte ICMP Echos to 10.255.10.4, timeout is 2 seconds:
Packet sent with the DF bit set
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (1000/1000), round-trip min/avg/max = 1/1/8 ms
Acesso SW 10.255.10.4 (Catalyst Switch C9200L-48P-4G-E):
ANUBIS-N01_4A# show module
Switch Ports Model Serial No. MAC address Hw Ver. Sw Ver.
------ ----- --------- ----------- -------------- ------- --------
1 52 C9200L-48P-4G-E JAE23011SDV 7488.bb49.1d00 V01 16.9.3
ANUBIS-N01_4A# show mac address-table address d0:94:66:b1:90:e5
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
120 d094.66b1.90e5 DYNAMIC Gi1/0/45
Total Mac Addresses for this criterion: 1
ANUBIS-N01_4A# sh run int Gi1/0/45
Building configuration...
Current configuration : 91 bytes
!
interface GigabitEthernet1/0/45
switchport access vlan 120
switchport mode access
end
Não há port security ativado nessa porta:
ANUBIS-N01_4A# sh port int Gi1/0/45
Port Security : Disabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0
ANUBIS-N01_4A# sh int gi1/0/45 trunk
Port Mode Encapsulation Status Native vlan
Gi1/0/45 off 802.1q not-trunking 1
Port Vlans allowed on trunk
Gi1/0/45 120
Port Vlans allowed and active in management domain
Gi1/0/45 120
Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/45 120
ANUBIS-N01_4A# sh cdp neighbor
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
ANUBIS-N01.jehuty.com.jp
Gig 1/1/2 139 R S I C9404R Gig 1/1/0/1
ANUBIS-N01.jehuty.com.jp
Gig 1/1/1 166 R S I C9404R Gig 2/1/0/1
Total cdp entries displayed : 2
ANUBIS-N01_4A# sh int Gi1/0/45 status
Port Name Status Vlan Duplex Speed Type
Gi1/0/45 connected 120 a-full a-1000 10/100/1000BaseTX
GigabitEthernet1/0/45 is up, line protocol is up (connected)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ANUBIS-N01_4A# sh int Gi1/0/45 controller | i drops
Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 434
17959 unknown protocol drops
ANUBIS-N01_4A# sh int Gi1/0/45 controller | i Defer
434 Excess Defer frames 0 Collision fragments
0 Deferred frames 0 ValidOverSize frames
ANUBIS-N01_4A# sh int Gi1/0/45 controller | i CRC
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
ANUBIS-N01_4A# sh int Gi1/0/45 counters errors
Port Align-Err FCS-Err Xmit-Err Rcv-Err UnderSize OutDiscards
Gi1/0/45 0 0 0 0 0 434
Port Single-Col Multi-Col Late-Col Excess-Col Carri-Sen Runts
Gi1/0/45 0 0 0 0 0 0
ANUBIS-N01_4A# sh int gi1/0/45 switchport
Name: Gi1/0/45
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 120 (Bradesco_Seg-1)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: disabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Vepa Enabled: false
Appliance trust: none
ANUBIS-N01_4A# sh int gi1/0/45 sum
*: interface is up
IHQ: pkts in input hold queue IQD: pkts dropped from input queue
OHQ: pkts in output hold queue OQD: pkts dropped from output queue
RXBS: rx rate (bits/sec) RXPS: rx rate (pkts/sec)
TXBS: tx rate (bits/sec) TXPS: tx rate (pkts/sec)
TRTL: throttle count
Interface IHQ IQD OHQ OQD RXBS RXPS TXBS TXPS TRTL
-----------------------------------------------------------------------------------------------------------------
* GigabitEthernet1/0/45 0 0 0 434 0 0 4000 4 0
ANUBIS-N01_4A# show diagnostic description switch 1 test 1
DiagGoldPktTest :
The GOLD packet Loopback test verifies the MAC level loopback
functionality. In this test, a GOLD packet, for which doppler
provides the support in hardware, is sent. The packet loops back
at MAC level and is matched against the stored packet. It is a non
-disruptive test.
ANUBIS-N01_4A# diagnostic start switch 1 test 1
ANUBIS-N01_4A# diagnostic stop switch 1
Diagnostic[switch 1]: Diagnostic is not active.
ANUBIS-N01_4A# show diagnostic result switch 1
Current bootup diagnostic level: minimal
switch 1: SerialNo : JAE23011SDV
Overall Diagnostic Result for switch 1 : PASS
Diagnostic level at card bootup: minimal
Test results: (. = Pass, F = Fail, U = Untested)
1) DiagGoldPktTest:
Port 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
----------------------------------------------------------------------------
. . . . . . . . . . . . . . . . . . . . . . . .
Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
----------------------------------------------------------------------------
. . . . . . . . . . . . . . . . . . . . . . . .
Port 49 50 51 52
----------------
. . . .
2) DiagThermalTest -----------------> .
3) DiagPhyLoopbackTest:
Port 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
----------------------------------------------------------------------------
U U U U U U U U U U U U U U U U U U U U U U U U
Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
----------------------------------------------------------------------------
U U U U U U U U U U U U U U U U U U U U U U U U
Port 49 50 51 52
----------------
U U U U
4) DiagScratchRegisterTest ---------> .
5) TestUnusedPortLoopback:
Port 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
----------------------------------------------------------------------------
U U U U U U U U U U U U U U U U U U U U U U U U
Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
----------------------------------------------------------------------------
U U U U U U U U U U U U U U U U U U U U U U U U
Port 49 50 51 52
----------------
U U U U
6) DiagPoETest ---------------------> U
7) DiagStackCableTest --------------> U
8) DiagMemoryTest ------------------> U
ANUBIS-N01_4A# show logging | i GigabitEthernet1/0/38
Mar 6 23:01:31.868: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/38, changed state to down
Mar 6 23:01:32.870: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/38, changed state to down
Mar 6 23:01:35.404: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/38, changed state to up
Mar 6 23:01:36.405: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/38, changed state to up
Mar 6 23:01:51.115: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/38, changed state to down
Mar 6 23:01:52.117: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/38, changed state to down
Mar 6 23:01:55.786: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/38, changed state to up
Mar 6 23:01:56.784: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/38, changed state to up
ANUBIS-N01_4A# show clock
23:02:19.957 BRAZIL Fri Mar 6 2020
Nota
Foi identificado erros de network flapping na porta 45 do switch 10.255.10.4. Onde ocorre um número elevado de conexão e desconexão progressiva da estação, recorrente sempre na mesma porta. Consultamos a documentação do próprio fabricante o qual diz que isso está relacionado à problema de camada física.
Excess Defer frames: - According to Cisco documentation it is the number of frames that are not sent after the time exceeds the maximum-packet time. It means that the port is under heavy load. The device connected to the port is transmitting or receiving more traffic that can be handled by the port.
Nota
Veja as recomendações gerais do fabricante Cisco, que ajudam mitigar os erros de network flapping.
Cabo incorreto: - Troque o cabo suspeito por um cabo em bom funcionamento (use apenas padrao cat 6). Procure por pinos quebrados ou faltantes nos conectores. É uma boa hora para revisar a pinagem das tomadas em ambos os pontos (da sala tecnica até a PA). Também de preferência, tente conectar um dispositivo fluke e rode um diagnostico completo para checar às medições de impedância do cabo UTP (Veja se há interferencias, do tipo crossstalk no cabeamento).
Verificar possíveis conexões soltas ou mal encaixadas: - Ver se existem conexões soltas porque às vezes, parece que um cabo está colocado na tomada, mas não está. Desconecte o cabo e o reintroduza.
Na estação verifique a placa de rede: - Atualize os drivers de rede através do site do fabricante (Dell Optiplex 3060), desative economia de energia da interface e a mantenha configurada em 1000 full duplex com a opção manual ativada.
Outros testes possíveis e que podem ser válidos para mitigação do problema: - Trocar a porta de conexão com o mesmo SW. Realizar também a mudança da máquina para outro ponto de rede (ponto da máquina ao lado que estiver normal). Checar se o problema ainda persiste.