User Manual

ManualsBrandsBrocade ManualsComputer Accessories6910 Ethernet Access Switch Diagnostic Guide (Supporting R2.2.0.0)

53-1002653-01

16 October 2012

Brocade 6910

Ethernet Access Switch

Diagnostic Guide

Supporting R2.2.0.0

Summary of content (88 pages)

PAGE 1
53-1002653-01 16 October 2012 Brocade 6910 Ethernet Access Switch Diagnostic Guide Supporting R2.2.0.
PAGE 2
Copyright © 2012 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Brocade Assurance, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, MLX, NetIron, SAN Health, ServerIron, TurboIron, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health, OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
PAGE 3
Contents About This Document Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Disclaimer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii How to use this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Supported hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Document conventions . . . . . . . . . . . . . . . . . . . . . . .
PAGE 4
Fiber-optic modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Fiber-optic show commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12 Testing network connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12 Pinging an IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12 Tracing a route . . . . . . . . . . . . . . . . . . .
PAGE 5
QoS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44 QoS show commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44 QoS debug commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46 Traffic management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48 Traffic management show commands . . . . . . . . . . . . . . . . . . . .
PAGE 6
vi Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002653-01
PAGE 7
About This Document In this chapter This manual describes troubleshooting and diagnostic commands available in the command line interface (CLI) for the Brocade Ethernet Access Switch. • Audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii • Disclaimer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii • How to use this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 8
Disclaimer Enabling diagnostic commands can seriously degrade system performance. Diagnostic commands are generally intended for use when troubleshooting specific problems while working with qualified service technicians, or in conjunction with calls to Brocade Technical Support. Whenever possible, troubleshoot your system during periods of low network traffic and user activity to preserve system performance. If you have any questions regarding this Disclaimer, please contact us at support@brocade.com.
PAGE 9
Disclaimer Text formatting The narrative-text formatting conventions that are used are as follows: bold text Identifies command names Identifies the names of user-manipulated GUI elements Identifies keywords Identifies text to enter at the GUI or CLI italic text Provides emphasis Identifies variables Identifies document titles code text Identifies CLI output Command syntax conventions Command syntax in this manual follows these conventions: command Commands are printed in bold.
PAGE 10
Disclaimer Related publications The following Brocade Communications Systems, Inc. documents supplement the information in this guide and can be located at http://www.brocade.com/ethernetproducts. • Brocade 6910 Ethernet Access Switch Installation Guide • Brocade 6910 Ethernet Access Switch MIB Reference • Brocade 6910 Ethernet Access Switch Diagnostic Guide NOTE For the latest edition of these documents, which contain the most up-to-date information, see Product Manuals at http://www.brocade.
PAGE 11
DRAFT: BROCADE CONFIDENTIAL Chapter 1 Using Diagnostic Commands In this chapter • How to use diagnostic commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Console Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Show commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Generic debug commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 12
DRAFT: BROCADE CONFIDENTIAL 1 Show commands Show commands Show commands provide information that is extremely helpful for troubleshooting. For most of the environments discussed in this document, related show commands, show command output, and output descriptions are included. Many show commands generate output for a specific configuration. show log Syntax: show log {flash | ram} The show log command allows you to view the system log. Command output similar to the following is displayed.
PAGE 13
DRAFT: BROCADE CONFIDENTIAL Generic debug commands 1 ATTENTION Many first-level variables have their own variable subsets. When you enter a debug command, the system will indicate that there are additional variables by telling you that you have entered an incomplete command. Add a space and a question mark to your original command to view the additional variables.
PAGE 14
DRAFT: BROCADE CONFIDENTIAL 1 4 Generic debug commands Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002653-01
PAGE 15
Chapter System and System Management Diagnostics 2 In this chapter This chapter describes many of the common system and system management diagnostic processes for Brocade 6910 switch. • Basic system information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 • TCAM partitioning and usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 • Managing memory and CPU usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 16
DRAFT: BROCADE CONFIDENTIAL 2 Basic system information System Temperature: Unit 1 Temperature 1: 28 degrees Temperature 2: 26 degrees Temperature 3: 26 degrees Main Power Status : Up Redundant Power Status : Up show alarm-status Syntax: show alarm-status This command displays information on predefined alarms (i.e., non-configurable) and on the link-down alarm (which is displayed as a minor alarm).
PAGE 17
DRAFT: BROCADE CONFIDENTIAL TCAM partitioning and usage 2 TCAM partitioning and usage Ternary Content Addressable Memory (TCAM) is a component of Brocade devices that facilitates hardware forwarding. As packets flow through the Brocade device from a given source to a given destination, the management processor records forwarding information about the flow in TCAM entries.
PAGE 18
DRAFT: BROCADE CONFIDENTIAL 2 Managing memory and CPU usage Common diagnostic scenarios When troubleshooting TCAM issues, it is helpful to know when a device is running out of TCAM. The following sections describe how to monitor TCAM usage. Displaying TCAM settings When a Brocade device boots, the system automatically sets default TCAM partitions. The default TCAM settings are the same as the default partition percentage settings. NOTE The default TCAM partitions are fixed, and cannot be configured.
PAGE 19
DRAFT: BROCADE CONFIDENTIAL Power supplies Falling Threshold 2 : 70% CPU memory show command The CPU uses memory buffers to handle interprocess communication (IPC) and external packets sent and received by the management processor.
PAGE 20
DRAFT: BROCADE CONFIDENTIAL 2 Fiber-optic modules System Temperature: Unit 1 Temperature 1: 28 degrees Temperature 2: 26 degrees Temperature 3: 26 degrees Main Power Status : Up Redundant Power Status : Up Configuration notes There are several cautions and warnings that you should pay attention to when installing or replacing power supplies. Refer to the Brocade BR6910 Installation Guide for more information.
PAGE 21
DRAFT: BROCADE CONFIDENTIAL Fiber-optic modules 2 • Cyclic redundancy check (CRC) errors • Port flapping • Packet loss Before inserting the fiber cable into the fiber-optic transceiver, ensure that it is free of dust by cleaning the end. A “Fiber Swiper” cleaner is provided by Brocade for this purpose with each optic shipment (reference instructions provided with the Fiber Swiper). It is very important that the end of an optical cable is clean when using any data rate.
PAGE 22
DRAFT: BROCADE CONFIDENTIAL 2 Testing network connectivity Configuration notes Before installing or removing fiber optic modules, refer to the precautions and follow the instructions in the Brocade 6910 Installation Guide. Testing network connectivity You can test connectivity to other network devices by pinging those devices. You also can trace routes.
PAGE 23
DRAFT: BROCADE CONFIDENTIAL Testing network connectivity 2 Tracing a route To determine the path through which the router can reach another network device, enter the traceroute command at the Privileged Exec level of the CLI. traceroute Syntax: traceroute {ipv4-addr | hostname} • ipv4-addr - Specifies the IP address of the device. • hostname - Specifies the host name. The CLI displays trace route information for each hop as soon as the information is received.
PAGE 24
DRAFT: BROCADE CONFIDENTIAL 2 14 Testing network connectivity Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002653-01
PAGE 25
DRAFT: BROCADE CONFIDENTIAL Chapter Layer 1 Diagnostics 3 In this chapter • Ethernet diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 This chapter describes common Layer 1 diagnostic procedures for the Brocade 6910 series switches.
PAGE 26
DRAFT: BROCADE CONFIDENTIAL 3 Ethernet diagnostics The packet loss happens when both devices are transmitting at the same time, and may happen even when the link is used, from the user's perspective, in one direction only. A Transmission Control Protocol (TCP) stream requires that all packets sent be acknowledged by the receiving device, even if actual data is sent in one direction only. Packet collisions may occur with acknowledgement packets traveling in the other direction.
PAGE 27
DRAFT: BROCADE CONFIDENTIAL Ethernet diagnostics 0 0 0 0 0 0 0 0 3 FCS Errors Single Collision Frames Multiple Collision Frames SQE Test Errors Deferred Transmissions Late Collisions Excessive Collisions Pause Frames Output ===== RMON Stats ===== 0 10305324 32060 270 9075 0 0 0 0 0 0 0 0 0 Drop Events Octets Packets Broadcast PKTS Multi-cast PKTS Undersize PKTS Oversize PKTS Fragments Internal Mac Transmit Errors Internal Mac Receive Errors Frames Too Long Carrier Sense Errors Symbol Errors Pause Frame
PAGE 28
DRAFT: BROCADE CONFIDENTIAL 3 Ethernet diagnostics Port Operation Status Operation Speed-duplex Up Time Flow Control Type : : : : Up 100full 0w 0d 5h 51m 29s (21089 seconds) None show interfaces switchport ethernet Syntax: show interfaces switchport ethernet unit/port unit - Unit identifier. (Range: 1) port - Port number. (Range: 1-12) This command displays the administrative and operational status for Ethernet ports, as shown in the following example.
PAGE 29
DRAFT: BROCADE CONFIDENTIAL Ethernet diagnostics 3 Data = 0x0 , AgedPacketCnt[0-12][ROC] = 0x0 Data = 0x57 , TotalBuffAllocCnt[0-12][RW] = 0x57 Data = 0x0 , PacketCounter[0-12][RW] = 0x0 Buffers Allocation Counter Register (n=0~27)> Offset Formula: 0x03000100+n * 0x4: where n present port Data = 0x3 , Port< 0>BuffAllocCnt[0-12][RW] = 0x3 Data = 0x3 , Port< 1>BuffAllocC
PAGE 30
DRAFT: BROCADE CONFIDENTIAL 3 Ethernet diagnostics receiver error counter (21_0) = 0x late collision @65-96 (23_6.0:7) = 0x late collision @97-128 (23_6.8:15) = 0x late collision @129-192 (24_6.0:7) = 0x late collision @> 192 (24_6.8:15) = 0x link disconnect (25_6.0:7)(ROC) = 0x =========Dev 0 Port 2(Linkup=0) ============ crc error counter (17_6.0:7) = 0x crc pkt counter (17_6.8:15) = 0x receiver error counter (21_0) = 0x late collision @65-96 (23_6.0:7) = 0x late collision @97-128 (23_6.
PAGE 31
DRAFT: BROCADE CONFIDENTIAL Ethernet diagnostics 3 A CRC alignment error is generated when the total number of packets received is from 64 through 1518 octets, but contains either a bad FCS with an integral number of octets (FCS error) or a bad FCS with a non-integral number of octets (alignment error). • Runts Any received packet that is less than 64 bytes is illegal, and is called a runt.
PAGE 32
DRAFT: BROCADE CONFIDENTIAL 3 22 Ethernet diagnostics Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002653-01
PAGE 33
DRAFT: BROCADE CONFIDENTIAL Chapter 4 Layer 2 Protocol Diagnostics In this chapter This chapter describes Layer 2 troubleshooting and diagnostic processes for the Brocade 6910 switch. • MAC address learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Spanning Tree Protocol and derivatives. . . . . . . . . . . . . . . . . . . . . . . . . . . . . • LACP trunking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 34
DRAFT: BROCADE CONFIDENTIAL 4 MAC address learning ARP age The ARP age is the amount of time the device keeps a learned MAC address in the ARP cache. The device resets the timer to zero each time the ARP entry is refreshed and removes the entry if the timer reaches the ARP age. The default ARP age is 20 minutes. Changing the ARP aging period When the switch places an entry in the ARP cache, it also starts an aging timer for the entry.
PAGE 35
DRAFT: BROCADE CONFIDENTIAL Spanning Tree Protocol and derivatives 00-E0-0C-10-90-00 4 records 1 1/1 0 0 0 4 1 13348 The following command displays detailed information about the VLAN mapping table.
PAGE 36
DRAFT: BROCADE CONFIDENTIAL 4 Spanning Tree Protocol and derivatives STP show commands show spanning-tree Syntax: show spanning-tree [brief | ethernet unit/port | port-channel channel-id| stp-enabled-only] • • • • brief - Shows a brief summary of STP settings for each port. ethernet unit/port - Specifies a port within the VLAN for detailed STP information. port-channel channel-id - Specifies a trunk within the VLAN for detailed STP information.
PAGE 37
DRAFT: BROCADE CONFIDENTIAL Spanning Tree Protocol and derivatives Oper Edge Port Admin Link Type Oper Link Type Flooding Behavior Spanning-Tree Status Loopback Detection Status Loopback Detection Release Mode Loopback Detection Trap Loopback Detection Action Root Guard Status BPDU Guard Status BPDU Guard Auto Recovery BPDU Guard Auto Recovery Interval BPDU Filter Status : : : : : : : : : : : : : : 4 Disabled Auto Point-to-point Enabled Enabled Enabled Auto Disabled Block Disabled Disabled Disabled 300
PAGE 38
DRAFT: BROCADE CONFIDENTIAL 4 Spanning Tree Protocol and derivatives Flooding Behavior Spanning-Tree Status Loopback Detection Status Loopback Detection Release Mode Loopback Detection Trap Loopback Detection Action Root Guard Status BPDU Guard Status BPDU Guard Auto Recovery BPDU Guard Auto Recovery Interval BPDU Filter Status ... : : : : : : : : : : : Enabled Enabled Enabled Auto Disabled Block Disabled Disabled Disabled 300 Disabled This command displays global settings for MSTP.
PAGE 39
DRAFT: BROCADE CONFIDENTIAL Spanning Tree Protocol and derivatives Flooding Behavior Spanning-Tree Status Loopback Detection Status Loopback Detection Release Mode Loopback Detection Trap Loopback Detection Action Root Guard Status BPDU Guard Status BPDU Guard Auto Recovery BPDU Guard Auto Recovery Interval BPDU Filter Status ...
PAGE 40
DRAFT: BROCADE CONFIDENTIAL 4 LACP trunking Common diagnostic scenarios • Spanning Tree loops. • Spanning Tree reacts to topology changes and port flapping. • Port flapping can trigger a new Spanning Tree learning process. LACP trunking The Link Aggregation Control Protocol (LACP) allows ports on both sides of a redundant link to automatically configure themselves into a trunk link (aggregate link), eliminating the need for manual configuration.
PAGE 41
DRAFT: BROCADE CONFIDENTIAL LACP trunking 4 . . . show lacp neighbors Syntax: show lacp [port-channel] internal port-channel - Local identifier for a link aggregation group. (Range: 1-5) This command displays trunk information for configuration settings and the operational state for the remote side.
PAGE 42
DRAFT: BROCADE CONFIDENTIAL 4 VLAN trunking • Ports in a trunk must have the same speed, negotiation mode, and Quality of Service (QoS) priority or the trunk is rejected. • • • • All ports configured in a trunk must be configured with the same port attributes. Primary port policy applies to all secondary ports. No trunk is rejected. The trunk is rejected if any trunk port has mirroring or monitoring configured.
PAGE 43
DRAFT: BROCADE CONFIDENTIAL Ethernet Ring Protection switching 4 Multicast Storm : Disabled Multicast Storm Limit : 64 Kbits/second Unknown Unicast Storm : Disabled Unknown Unicast Storm Limit : 64 Kbits/second Flow Control : Disabled VLAN Trunking : Enabled LACP : Disabled Port Security : Disabled Max MAC Count : 0 Port Security Action : None Media Type : SFP preferred auto Current Status: Link Status : Up Port Operation Status : Up Operation Speed-duplex : 100full Up Time : 0w 0d 0h 40m 36s (2436 second
PAGE 44
DRAFT: BROCADE CONFIDENTIAL 4 Ethernet Ring Protection switching Node State : Idle West Port : Eth 1/ 1 (Blocking) East Port : Eth 1/ 2 (Forwarding) RPL Port : West RPL Owner : Enabled Holdoff Timer : 300 ms Guard Timer : 300 ms WTR Timer : 5 minutes Control VLAN : 2 Propagate TC : Disabled ERPS debug commands debug erps Syntax: debug erps {adm | opr | healthpdu} [domain domain-name] • • • • • adm - Shows ERPS administrative status. opr - Shows ERPS operational status.
PAGE 45
DRAFT: BROCADE CONFIDENTIAL Connectivity Fault Management 4 Connectivity Fault Management Connectivity Fault Management (CFM) is an OAM protocol that includes proactive connectivity monitoring using continuity check messages, fault verification through loop back messages, and fault isolation by examining end-to-end connections between provider edge devices or between customer edge devices.
PAGE 46
DRAFT: BROCADE CONFIDENTIAL 4 Connectivity Fault Management Linktrace Cache Size : 100 entries This example shows the configuration status for continuity check and cross-check traps. Console# show ethernet cfm configuration traps CC MEP Up Trap : Disabled CC MEP Down Trap : Disabled CC Configure Trap : Disabled CC Loop Trap : Disabled Cross Check MEP Unknown Trap : Disabled Cross Check MEP Missing Trap : Disabled Cross Check MA Up : Disabled This example shows the CFM status for port 1.
PAGE 47
DRAFT: BROCADE CONFIDENTIAL Connectivity Fault Management 4 interface – Displays CFM status for the specified interface. ethernet unit/port unit - Unit identifier. (Range: 1) port - Port number. (Range: 1-12) port-channel channel-id (Range: 1-12) level-id – Maintenance level for this domain. (Range: 0-7) This example shows all MEPs configured on this device for maintenance domain rd.
PAGE 48
DRAFT: BROCADE CONFIDENTIAL 4 Connectivity Fault Management This command displays detailed CFM information about a specified remote MEP in the continuity check database. show ethernet cfm maintenance-points remote detail Syntax: show ethernet cfm maintenance-points remote detail {mac mac-address | mpid mpid} [domain domain-name | level level-id | ma ma-name] mac-address – MAC address of a remote maintenance point.
PAGE 49
DRAFT: BROCADE CONFIDENTIAL Operation, Administration and Maintenance 4 This command displays information about remote maintenance points configured statically in a cross-check list. show ethernet cfm maintenance-points remote crosscheck Syntax: show ethernet cfm maintenance-points remote crosscheck [domain domain-name | mpid mpid] domain-name – Domain name. (Range: 1-43 alphanumeric characters) mpid – Maintenance end point identifier.
PAGE 50
DRAFT: BROCADE CONFIDENTIAL 4 Operation, Administration and Maintenance This example displays counters for OAM PDU message types. Console# show efm oam counters interface 1/1 Port OAMPDU Type TX RX ---- --------------------- ---------- ---------1/1 Information 1121 1444 1/1 Event Notification 0 0 1/1 Loopback Control 1 0 1/1 Organization Specific 76 0 This command displays the OAM event log for the specified port(s) or for all ports that have logs.
PAGE 51
DRAFT: BROCADE CONFIDENTIAL Operation, Administration and Maintenance 4 brief - Displays a brief list of OAM configuration states. This example displays a full list of OAM configuration settings and event counters.
PAGE 52
DRAFT: BROCADE CONFIDENTIAL 4 42 Operation, Administration and Maintenance Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002653-01
PAGE 53
DRAFT: BROCADE CONFIDENTIAL Chapter ACL and QoS Diagnostics 5 In this chapter This chapter provides diagnostic information for Access Control List (ACL) and Quality of Service (QoS) environments, including traffic management. • ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 • QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 • Traffic management . . . . . .
PAGE 54
DRAFT: BROCADE CONFIDENTIAL 5 QoS - Changing ToS-based QoS mappings To reapply an ACL following an ACL configuration change, enter the ip access-group command at the interface configuration level of the CLI as shown in the following example. Console(config)# interface ethernet 1/2 Console(config-if)# ip access-group david in QoS Quality of Service (QoS) features prioritize the use of bandwidth in a switch.
PAGE 55
DRAFT: BROCADE CONFIDENTIAL QoS 5 CoS : CFI 0 1 --------------------------------0 (0,0) (0,0) 1 (1,0) (1,0) 2 (2,0) (2,0) 3 (3,0) (3,0) 4 (4,0) (4,0) 5 (5,0) (5,0) 6 (6,0) (6,0) 7 (7,0) (7,0) show qos map dscp-mutation Syntax: show qos map cos-dscp interface interface • interface • ethernet unit/port • unit - Unit identifier. (Range: 1) • port - Port number.
PAGE 56
DRAFT: BROCADE CONFIDENTIAL 5 QoS Console# show qos map phb-queue interface ethernet 1/5 Information of Eth 1/5 PHB-queue map: PHB: 0 1 2 3 4 5 6 7 ------------------------------------------------------queue: 2 0 1 3 4 5 6 7 show queue mode Syntax: show queue mode This command shows the current queue mode. Console# show queue mode Queue Mode : Weighted Round Robin Mode show queue weight Syntax: show queue weight This command displays the weights used for the weighted queues.
PAGE 57
DRAFT: BROCADE CONFIDENTIAL QoS 4 8 12 16 20 24 28 32 36 40 44 48 52 56 60 64 68 72 76 5 ffffffff ffffffff fffff300 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 The following command shows detailed meter settings for the policer reference table.
PAGE 58
DRAFT: BROCADE CONFIDENTIAL 5 Traffic management port[12]:enabled=1, pclId=0, dualLookup=0, pclIdL01=0, nonIpKey=4, ipv4Key=4, ipv6Key=5 ...
PAGE 59
DRAFT: BROCADE CONFIDENTIAL Traffic management 5 reassembly failed IP sent forwards datagrams 5927 requests discards no routes generated fragments fragment succeeded fragment failed ICMP Statistics: ICMP received input errors destination unreachable messages time exceeded messages parameter problem message echo request messages echo reply messages redirect messages timestamp request messages timestamp reply messages source quench messages address mask request messages address mask reply messages ICMP sent
PAGE 60
DRAFT: BROCADE CONFIDENTIAL 5 50 Traffic management Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002653-01
PAGE 61
DRAFT: BROCADE CONFIDENTIAL Chapter 6 Multicast Snooping Diagnostics In this chapter This chapter provides diagnostic information about Internet Group Management Protocol (IGMP) snooping and Multicast VLAN Routing (MVR) environments on the Brocade 6910 Ethernet Access Switch. • IGMP snooping and MVR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 62
DRAFT: BROCADE CONFIDENTIAL 6 IGMP snooping and MVR Last Member Query Count General Query Suppression Query Interval Query Response Interval Proxy Query Address Proxy Reporting Multicast Router Discovery : : : : : : : 2 Disabled 125 100 (unit: 1/10s) 0.0.0.0 Using global status (Disabled) Disabled VLAN Static Group Port ---- --------------- -------1 224.1.1.1 Eth 1/ 1 . . .
PAGE 63
DRAFT: BROCADE CONFIDENTIAL IGMP snooping and MVR 6 This command displays information on statically configured and dynamically learned multicast router ports. The following example shows a port discovered by the system which is attached to a multicast router. Console#show ip igmp snooping mrouter dynamic VLAN M'cast Router Ports Type Expire ---- ------------------- ------- -------1 Eth 1/1 Dynamic 00:05:09 The following example shows a port statically configured as attached to a multicast router.
PAGE 64
DRAFT: BROCADE CONFIDENTIAL 6 IGMP snooping and MVR Multicast downstream interface: MVR downstream interface: Group: 233.171.129.255, Source: 0.0.0.0, Upstream VLAN: 0, rp: 0 Flags: , SNP, , , , Hit Bit: 0 Snooping interface: L2 interface: 5(Flags : CHIP,,,) port:5, Multicast downstream interface: MVR downstream interface: Group: 239.255.255.250, Source: 0.0.0.
PAGE 65
DRAFT: BROCADE CONFIDENTIAL IGMP snooping and MVR VLAN: 5 Group: 225.1.1.3 Forwarding ports: Member ports : Expire time : Learning type : 6 Source: 0.0.0.0 5 5 177 Dummy debug igmpsnp-mvr show-group-record Syntax: debug igmpsnp-mvr show-group-record This command shows IGMP group records for all IGMP Snooping interfaces. Console#debug igmpsnp-mvr show-group-record Interface Name: 1001 Interface VID : 1 Group : 225.1.1.1 Uptime : 2284 Group mode : Exclude Last reporter : 0.0.0.
PAGE 66
DRAFT: BROCADE CONFIDENTIAL 6 IGMP snooping and MVR debug igmpsnp-mvr show-interface-sflags Syntax: debug igmpsnp-mvr show-interface-sflags This command shows service flag status for all IGMP Snooping and MVR interfaces Console#debug igmpsnp-mvr show-interface-sflags Interface type: | name <= 1000 | name > 1000 -------------|--------------|-----------VID <= 10000 | IGMP port | IGMP VLAN VID > 10000 | MVR port | MVR VLAN Fields descriptions: ac : IGMP snooping function is worked on this interface.
PAGE 67
DRAFT: BROCADE CONFIDENTIAL IGMP snooping and MVR 6 Interface type: | name <= 1000 | name > 1000 -------------|--------------|-----------VID <= 10000 | IGMP port | IGMP VLAN VID > 10000 | MVR port | MVR VLAN Fields descriptions: com : IGMP compatible version. st_rt : Static router port interface. dy_rt : Dynamic router port interface. ver : Configuration of IGMP version. rob : Configuration of robustness value. qi : Configuration of query interval. qri : Configuration of query response interval.
PAGE 68
DRAFT: BROCADE CONFIDENTIAL 6 IGMP snooping and MVR Fields descriptions: qry : Query will be sent after this time. o_qry : Other querier presents and will expire after this time. dy_rt : The port interface is a dynamical router port during this time. v1_qry: IGMPv1 querier presents and will expire after this time. v2_qry: IGMPv2 querier presents and will expire after this time. report: IGMP proxy report will be sent after this time. xstp : Topology is changed and multicast will be flood during this time.
PAGE 69
DRAFT: BROCADE CONFIDENTIAL IGMP snooping and MVR 6 MVR downstream interface: Group: 225.1.1.3, Source: 0.0.0.
PAGE 70
DRAFT: BROCADE CONFIDENTIAL 6 60 IGMP snooping and MVR Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002653-01
PAGE 71
DRAFT: BROCADE CONFIDENTIAL Chapter 7 Security Diagnostics In this chapter This chapter describes diagnostic information for security environments on the Brocade 6910 series switches. • 802.1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Port loop detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Port mirroring and monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 72
DRAFT: BROCADE CONFIDENTIAL 7 802.1x Supplicant Parameters: Identity Profile Username : steve 802.1X Port Summary Port Type Operation Mode Control Mode -------- ------------- -------------- -----------------Eth 1/ 1 Disabled Single-Host Force-Authorized Eth 1/ 2 Disabled Single-Host Force-Authorized ... Eth 1/11 Disabled Single-Host Force-Authorized Yes Eth 1/12 Enabled Single-Host Auto Yes 802.1X Port Details 802.1X Supplicant is ... 802.
PAGE 73
DRAFT: BROCADE CONFIDENTIAL 802.
PAGE 74
DRAFT: BROCADE CONFIDENTIAL 7 Port loop detection • When a client has been denied access to the network, the 802.1x MAC session is aged out if no traffic is received from the client’s MAC address over a fixed hardware aging period (300 seconds). You can optionally change the software aging period for 802.1x MAC sessions or disable aging altogether. After the denied client’s 802.1x MAC session is aged out, traffic from that client is no longer blocked, and the client can be re-authenticated.
PAGE 75
DRAFT: BROCADE CONFIDENTIAL Port mirroring and monitoring BPDU BPDU BPDU BPDU Guard Status : Guard Auto Recovery : Guard Auto Recovery Interval : Filter Status : 7 Disabled Disabled 300 Disabled Configuration notes A port is disabled only if a packet is looped back to that same port. Loop detection must be configured on the physical port. Port mirroring and monitoring You can monitor the traffic on the Brocade ports by configuring another port to mirror the traffic on the ports you want to monitor.
PAGE 76
DRAFT: BROCADE CONFIDENTIAL 7 RADIUS NOTE The Brocade devices do not support RADIUS security for SNMP access. RADIUS show commands show radius-server Syntax: show radius-server This command displays information about all RADIUS servers configured on the device.
PAGE 77
DRAFT: BROCADE CONFIDENTIAL SNMP 7 Configuration notes • You must deploy at least one RADIUS server in your network to provide authentication services. • Brocade devices support authentication using up to five RADIUS servers. The device tries to use the servers in the order you add them to the device’s configuration. If one RADIUS server is not responding, the Brocade device tries the next one in the list.
PAGE 78
DRAFT: BROCADE CONFIDENTIAL 7 SNMP 0 Get-request PDUs 0 Get-next PDUs 0 Set-request PDUs 0 SNMP packets output 0 Too big errors 0 No such name errors 0 Bad values errors 0 General errors 0 Response PDUs 0 Trap PDUs SNMP Logging: Disabled show snmp engine-id Syntax: show snmp engine-id This command displays the engine ID of a switch, as shown in the following example.
PAGE 79
DRAFT: BROCADE CONFIDENTIAL TACACS and TACACS+ Storage Type Row Status 7 : volatile : active show snmp user Syntax: show snmp user This command displays the definition of local and remote SNMP user accounts, as shown in the following example.
PAGE 80
DRAFT: BROCADE CONFIDENTIAL 7 TACACS and TACACS+ This command displays information about all TACACS+ servers configured on the device. Console# show tacacs-server Remote TACACS+ Server Configuration: Global Settings: Server Port Number : 49 Retransmit Times : 2 Timeout : 5 Server 1: Server IP Address Server Port Number Retransmit Times Timeout : : : : 10.11.12.
PAGE 81
DRAFT: BROCADE CONFIDENTIAL Telnet and SSH connections 7 • You can use the authentication login command to select a sequence of authentication methods for each type of access to a device (CLI through Telnet, CLI Normal Exec and CLI Privileged Exec levels). Use the authentication enable command to specify the sequence of authentication methods to use when changing from Normal Exec command mode to Privileged Exec command mode with the enable command.
PAGE 82
DRAFT: BROCADE CONFIDENTIAL 7 SNTP Configuration notes • You can use the authentication login command to select a sequence of authentication methods for each type of access to a device (CLI through Telnet, CLI Normal Exec and CLI Privileged Exec levels). Use the authentication enable command to specify the sequence of authentication methods to use when changing from Normal Exec command mode to Privileged Exec command mode with the enable command.
PAGE 83
DRAFT: BROCADE CONFIDENTIAL Chapter 8 Forwarding Diagnostics In this chapter This chapter describes diagnostics for forwarding protocols and environments on Brocade BR6910 series switches. • Trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 Trunking Trunk groups are manually-configured aggregate links containing multiple ports.
PAGE 84
DRAFT: BROCADE CONFIDENTIAL 8 Trunking Flow Control Type Member Ports : None : Eth1/11, Eth1/12 show lacp counters Syntax: show lacp channel-id counters This command displays information about the LACP packets sent and received by this trunk. Command output resembles the following example.
PAGE 85
DRAFT: BROCADE CONFIDENTIAL Trunking 8 Port Channel 1 neighbors -----------------------------------------------------------------------------Eth 1/11 -----------------------------------------------------------------------------Partner Admin System ID : 32768, 00-00-00-00-00-00 Partner Oper System ID : 32768, 00-E0-0C-00-00-FA Partner Admin Port Number : 11 Partner Oper Port Number : 3 Port Admin Priority : 32768 Port Oper Priority : 32768 Admin Key : 0 Oper Key : 3 Admin State : defaulted, distributing, c
PAGE 86
DRAFT: BROCADE CONFIDENTIAL 8 Trunking Common diagnostic scenarios Trunk transaction failed; ports overlap with other trunks. With a static trunk, you must first remove the existing trunk and reconfigure a new one. If you are using dynamic trunk configuration, you would be able to add a port dynamically in the trunk.
PAGE 87
Diagnostic Command Index C CFM maintenance end point, 36 maintenance intermediate point, 36 D debug erps, 34 debug hardware dev, 46 debug hardware dev-amtrdrv, 24 debug hardware dev-swdrv, 18 debug hardware dev-swdrv stg, 29 debug igmpsnp-mvr show-forward-entry, 54 debug igmpsnp-mvr show-group-record, 55 debug igmpsnp-mvr show-interface-sflags, 56 debug igmpsnp-mvr show-interface-status, 56 debug igmpsnp-mvr show-interface-timers, 57 debug ipcfg, 13 debug msl show-interface-info, 58 debug msl show-mrt-inf
PAGE 88
T traceroute, 13 78 Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002653-01