CCNP TSHOOT: Using Cisco Troubleshooting Tools
One of the topics on the CCNP TSHOOT exam is the “usage of Cisco troubleshooting tools”. In order to score well on this exam you should definitely know how to use and configure the various troubleshooting tools that Cisco equipment offers.
In this article we will examine everything you need to know regarding error message logging, reachability and routing troubleshooting as well as technical information collection from Cisco devices. Cisco has incorporated this section into the CCNP TSHOOT exam because it is extremely important to know what your troubleshooting tools can do and how to benefit from them. Learn them now so that you can apply them in real life tomorrow.
Cisco devices are like people; you need to listen to them. They can tell you important things about their hidden thoughts and worries. Always monitor your device logs at frequent intervals. In general, logged messages will assist you in identifying future problems. They will indicate active running malfunctions or even disturbances that happened during your off hours.
Cisco Troubleshooting: Message Logging Levels
The level of message logging is configurable. There are eight distinct levels of logging based on severity. Higher severity messages are given a lower level number. The following table presents these logging levels:
|Logging Level Value (severity)||Logging Level Name||Logged Messages Description|
|1||Alerts||Immediate action is needed|
|5||Notifications||Normal important notifications|
|7||Debugging||Detailed debug messages|
Things to Keep in Mind:
- The highest severity logging level is the “Emergencies” (level 0)
- The lowest severity logs are the “Debug” (level 7)
- Enabling a logging level automatically activates logging of higher severity levels. For example if you configure logging level “3” then all messages falling into levels zero (0) up to three (3) are logged.
Message Logging Methods
There are four different methods of logging messages in Cisco devices. By default, logging of messages is enabled on the Console and on the device’s internal buffer. The four logging methods are:
- Internal buffer
- Virtual Terminal ( telnet session)
- Syslog server
The format of the Cisco command to enable logging is:
Logging [method] [level]
The following list displays the commands you need to use to configure each logging method:
- Logging console [level]: This command enables console logging (enabled by default). Use the no logging console command to disable it.
- Logging buffered [level]: This command enables logging of messages to the internal buffer (enabled by default). Use the no logging buffered command to disable it.
- Logging monitor [level]: Use this command to enable logging of messages towards virtual terminal sessions. On your telnet session use the terminal monitor commands to enable the display of messages on your terminal. The command terminal no monitor disables this feature. Also the command no logging monitor disables this logging method.
- Logging [ip address]: This command enables logging of messages towards a syslog server. You can specify several syslog servers by issuing separate commands with the ip address of each syslog server respectively.
- Logging trap [level]: Use this command to specify the level of messages transmitted to the syslog servers. The no logging trap command disables logging of messages to syslog servers.
Display Logging Configuration and Status
To display the configured logging methods and logging messages, issue the show logging privileged executable command. An example is shown below:
Troubleshooting with PING and TRACEROUTE
Do not underestimate the power of the PING and TRACEROUTE commands. You need to know them for your exam preparation as well.
- With the PING command you verify reachability with the remote device. By default, PING sends five ICMP echo requests to the destination IP address expecting to receive an ICMP echo Reply within a time interval of 2 seconds to each request.
- With the TRACEROUTE command you find the path taken to reach a specific destination. It can be used to verify reachability as well. It can provide important information regarding possible network bottlenecks.
Take a look at my article on how to troubleshoot your connections with Ping and Traceroute to learn more.
Important “Show” Cisco Commands
When it comes to identifying hardware problems or service malfunctions, you need to know the basic Cisco commands to use in order to diagnose the problem. Moreover, these are the commands that Cisco experts would ask from you in case you have a maintenance agreement with them, so it is necessary to know them.
When suffering from performance degradation, the following commands are the first to consider:
- Show interfaces
- Show buffers
- Show processes cpu
- Show memory
When you come across IP protocol errors or connectivity errors, the outputs from the following commands need to be evaluated:
- Show ip protocol
- Show ip route
- Show ip interfaces
- Show ip access-lists
- Show ip traffic
There is a single Cisco command that collects a lot of information equivalent to issuing many “show” commands. I am talking about the show tech-support command.
There is another crucial command, a very important one. That is the show version command. This command provides the following important information:
- The installed IOS number and name.
- The system’s Bootstrap and installed BootLoader.
- The system’s uptime.
- The reason for the latest system’s restart.
- The date of the last restart.
- The image filename and stored location.
- Hardware information such as processor type, memory usage, controllers, DSPs, etc.
- The value of the configuration register.
Using Cisco Troubleshooting Tools
Cisco provides a variety of troubleshooting tools to help you identify and isolate potential hardware or software problems. Cisco expects know these tools inside-out. I have presented some of the basic troubleshooting commands in this article, but be sure to learn them well. You will definitely need them!