53-1002348-02 9 May 2012 Brocade 6910 Ethernet Access Switch Diagnostic Guide Supporting R2.1.0.
Copyright © 2012 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Brocade Assurance, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, MLX, NetIron, SAN Health, ServerIron, TurboIron, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health, OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Contents About This Document Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Disclaimer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii How to use this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Supported hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Document conventions . . . . . . . . . . . . . . . . . . . . . . .
Testing network connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Pinging an IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Tracing a route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Chapter 3 Layer 1 Diagnostics Ethernet diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Duplex mismatches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Port loop detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44 Port loop detection show commands . . . . . . . . . . . . . . . . . . . . .44 Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44 Port mirroring and monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45 Port mirroring show commands . . . . . . . . . . . . . . . . . . . . . . . . .45 RADIUS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
vi Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002348-02
About This Document This manual describes troubleshooting and diagnostic commands available in the command line interface (CLI) for the Brocade Ethernet Access Switch. NOTE Some troubleshooting commands report information about internal hardware settings and registers that is relevant primarily to the Brocade engineering staff. Consequently, this information is not described in this document.
Disclaimer How to use this guide This guide describes many common diagnostic processes for the Brocade BR6910 switch. Each chapter contains diagnostic information about a specific segment of your network configuration.
Disclaimer Text formatting The narrative-text formatting conventions that are used are as follows: bold text Identifies command names Identifies the names of user-manipulated GUI elements Identifies keywords Identifies text to enter at the GUI or CLI italic text Provides emphasis Identifies variables Identifies document titles code text Identifies CLI output Command syntax conventions Command syntax in this manual follows these conventions: command Commands are printed in bold.
Disclaimer Related publications The following Brocade Communications Systems, Inc. documents supplement the information in this guide and can be located at http://www.brocade.com/ethernetproducts. • Brocade 6910 Ethernet Access Switch Installation Guide • Brocade 6910 Ethernet Access Switch MIB Reference • Brocade 6910 Ethernet Access Switch Diagnostic Guide NOTE For the latest edition of these documents, which contain the most up-to-date information, see Product Manuals at http://www.brocade.
Chapter 1 Using Diagnostic Commands How to use diagnostic commands This chapter describes how to use Brocade diagnostic show commands to monitor and troubleshoot the Brocade 6910 switch configuration. Show commands are accessible from the Privileged Exec mode in the command line interface (CLI). Some show commands can be configured to send output to a destination that you specify. Many show commands are specifically designed to be used in conjunction with calls to Brocade Technical Support.
Show commands Console# show log ram [9] 10:40:35 2011-04-15 "User(admin/Console), login successful." level : 6, module : 5, function : 1, and event no. : 1 [8] 08:25:27 2011-04-15 "User(admin/Console), login successful." level : 6, module : 5, function : 1, and event no. : 1 [7] 08:25:17 2011-04-15 "DHCP server responded." level : 5, module : 9, function : 1, and event no. : 11 [6] 08:25:17 2011-04-15 "STA topology change notification." level : 6, module : 5, function : 1, and event no.
Chapter 2 System and System Management Diagnostics This chapter describes many of the common system and system management diagnostic processes for Brocade 6910 switch. Basic system information Basic system troubleshooting includes the verification of software images and their locations, and monitoring hardware components such as power supplies. The following sections describe how to display information, and what to look for when troubleshooting your hardware and system software.
Basic system information show alarm-status Syntax: show alarm-status This command displays information on predefined alarms (i.e., non-configurable) and on the link-down alarm (which is displayed as a minor alarm). Console# show alarm-status Unit 1 Asserted Alarm Input : [NONE] Current Major Alarm Status: One of the power status is failed.
TCAM partitioning and usage TCAM partitioning and usage Ternary Content Addressable Memory (TCAM) is a component of Brocade devices that facilitates hardware forwarding. As packets flow through the Brocade device from a given source to a given destination, the management processor records forwarding information about the flow in TCAM entries. A TCAM entry generally contains next-hop information, such as the outgoing port, the MAC address of the next-hop router, a VLAN tag, and so on.
Managing memory and CPU usage Common diagnostic scenarios When troubleshooting TCAM issues, it is helpful to know when a device is running out of TCAM. The following sections describe how to monitor TCAM usage. Displaying TCAM settings When a Brocade device boots, the system automatically sets default TCAM partitions. The default TCAM settings are the same as the default partition percentage settings. NOTE The default TCAM partitions are fixed, and cannot be configured.
Power supplies CPU memory show command The CPU uses memory buffers to handle interprocess communication (IPC) and external packets sent and received by the management processor. show memory Syntax: show memory The show memory command shows the amount of memory currently free for use, the amount of memory allocated to active processes, and the total amount of system memory, and the configured thresholds used for sending an SNMP trap message, as shown in the following example.
Fiber-optic modules Main Power Status : Up Redundant Power Status : Up Configuration notes There are several cautions and warnings that you should pay attention to when installing or replacing power supplies. Refer to the Brocade BR6910 Installation Guide for more information. Common diagnostic scenarios • Power supply is not providing power - check all power connections, and replace faulty power supply if necessary. See the Bro a dc om BR6910 Installation Guide for more information.
Fiber-optic modules • Packet loss Before inserting the fiber cable into the fiber-optic transceiver, ensure that it is free of dust by cleaning the end. A “Fiber Swiper” cleaner is provided by Brocade for this purpose with each optic shipment (reference instructions provided with the Fiber Swiper). It is very important that the end of an optical cable is clean when using any data rate. This must be the first step in troubleshooting symptoms such as those stated previously.
Testing network connectivity Testing network connectivity You can test connectivity to other network devices by pinging those devices. You also can trace routes. Pinging an IP address To verify that a Brocade 6910 switch can reach another device through the network, enter the ping command at the Normal Exec or Privileged Exec level of the CLI, or enter the ping6 command at the Privileged Exec level of the CLI.
Testing network connectivity Tracing a route To determine the path through which the router can reach another network device, enter the traceroute command at the Privileged Exec level of the CLI. traceroute Syntax: traceroute {ipv4-addr | hostname} • ipv4-addr - Specifies the IP address of the device. • hostname - Specifies the host name. The CLI displays trace route information for each hop as soon as the information is received.
Testing network connectivity 12 Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002348-02
Chapter Layer 1 Diagnostics 3 This chapter describes common Layer 1 diagnostic procedures for the Brocade 6910 series switches.
Ethernet diagnostics Because the full-duplex device does not expect incoming frames to be truncated by collision detection, the device reports Frame Check Sequence (FCS) errors. The combination of late collisions reported at the half-duplex end, and FCS errors reported by the full-duplex end, can indicate a duplex mismatch. Ethernet show commands This section describes the show commands that display information about Ethernet interfaces.
Ethernet diagnostics ===== RMON Stats ===== 0 10305324 32060 270 9075 0 0 0 0 0 0 0 0 0 Drop Events Octets Packets Broadcast PKTS Multi-cast PKTS Undersize PKTS Oversize PKTS Fragments Internal Mac Transmit Errors Internal Mac Receive Errors Frames Too Long Carrier Sense Errors Symbol Errors Pause Frames Input show interfaces status ethernet Syntax: show interfaces status ethernet unit/port unit - Unit identifier. (Range: 1) port - Port number.
Ethernet diagnostics show interfaces switchport ethernet Syntax: show interfaces switchport ethernet unit/port unit - Unit identifier. (Range: 1) port - Port number. (Range: 1-12) This command displays the administrative and operational status for Ethernet ports, as shown in the following example.
Ethernet diagnostics A CRC alignment error is generated when the total number of packets received is from 64 through 1518 octets, but contains either a bad FCS with an integral number of octets (FCS error) or a bad FCS with a non-integral number of octets (alignment error). • Runts Any received packet that is less than 64 bytes is illegal, and is called a runt. In most cases, runts arise from a collision, and although they indicate an illegal reception, they may occur on correctly functioning networks.
Ethernet diagnostics 18 Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002348-02
Chapter 4 Layer 2 Protocol Diagnostics This chapter describes Layer 2 troubleshooting and diagnostic processes for the Brocade 6910 switch. MAC address learning In MAC address learning, the source MAC address of each received packet is stored so that future packets destined for that address can be forwarded only to the interface where that address is located. (Packets destined for unrecognized addresses are forwarded out every bridge interface.) MAC address learning, defined in the IEEE 802.
Spanning Tree Protocol and derivatives MAC address learning show commands The following command displays information about the MAC address table. show mac-address-table Syntax: show mac-address-table This command displays the MAC address table, which contains MAC addresses learned from other devices. This table does not contain the MAC addresses of the Brocade device ports.
Spanning Tree Protocol and derivatives ports are blocked to prevent loops that might occur within an IST and also throughout the CST. In addition, MSTP can co-exist with individual devices running STP or RSTP in the Common and Internal Spanning Tree instance (CIST). With the exception of the provisions for multiple instances, MSTP operates exactly like RSTP.
Spanning Tree Protocol and derivatives Designated Port Designated Root Designated Bridge Forward Transitions Admin Edge Port Oper Edge Port Admin Link Type Oper Link Type Flooding Behavior Spanning-Tree Status Loopback Detection Status Loopback Detection Release Mode Loopback Detection Trap Loopback Detection Action Root Guard Status BPDU Guard Status BPDU Guard Auto Recovery BPDU Guard Auto Recovery Interval BPDU Filter Status : : : : : : : : : : : : : : : : : : : 128.16 32768.0001ECF8D8C6 32768.
Spanning Tree Protocol and derivatives Forward Transitions Admin Edge Port Oper Edge Port Admin Link Type Oper Link Type Flooding Behavior Spanning-Tree Status Loopback Detection Status Loopback Detection Release Mode Loopback Detection Trap Loopback Detection Action Root Guard Status BPDU Guard Status BPDU Guard Auto Recovery BPDU Guard Auto Recovery Interval BPDU Filter Status ...
LACP trunking Forward Transitions Admin Edge Port Oper Edge Port Admin Link Type Oper Link Type Flooding Behavior Spanning-Tree Status Loopback Detection Status Loopback Detection Release Mode Loopback Detection Trap Loopback Detection Action Root Guard Status BPDU Guard Status BPDU Guard Auto Recovery BPDU Guard Auto Recovery Interval BPDU Filter Status ...
LACP trunking • Passive mode – In passive link aggregation, the Brocade port can exchange LACPDU messages with the port at the remote end of the link, but this port cannot search for a link aggregation port or initiate negotiation of an aggregate link. In passive mode, the port at the remote end of the link must initiate the LACPDU exchange. When you enable link aggregation on a group of Brocade ports, the Brocade ports can negotiate with the ports at the remote ends of the links to establish trunk groups.
LACP trunking Admin State: Oper State: . . . defaulted, distributing, collecting, synchronization, long timeout, distributing, collecting, synchronization, aggregation, long timeout, LACP-activity Configuration notes • You cannot use 802.3ad link aggregation on a port configured as a member of a static trunk group. • When LACP dynamically adds or changes a trunk group, the show interface status port-channel command displays the trunk as both configured and active.
VLAN trunking VLAN trunking VLAN trunking allows traffic from one VLAN to be transported across a different VLAN. Packets with unknown VLAN IDs entering the switch at the ingress port are allowed to pass through to any configured VLAN trunking port. When unknown VLAN traffic must pass through one or more intermediate switches to reach its destination, you can configure VLAN flooding on ports that form a path across the intermediate switches to connect the source of this traffic to its destination.
Ethernet Ring Protection switching Ethernet Ring Protection switching The ITU G.8032 recommendation specifies a protection switching mechanism and protocol for Ethernet layer network rings. Ethernet rings can provide wide-area multipoint connectivity and redundancy more economically due to their reduced number of links. The mechanisms and protocol defined in G.8032 achieve highly reliable and stable protection; and never form loops, which would fatally affect network operation and service availability.
Connectivity Fault Management CFM is implemented as a service level protocol based on service instances which encompass only that portion of the metropolitan area network supporting a specific customer. CFM can also provide controlled management access to a hierarchy of maintenance domains (such as the customer, service provider, and equipment operator). This switch supports functions for defining the CFM structure, including domains, maintenance associations, and maintenance access points.
Connectivity Fault Management Cross Check MEP Missing Trap Cross Check MA Up : Disabled : Disabled This example shows the CFM status for port 1. Console #show ethernet cfm configuration interface ethernet 1/1 Ethernet 1/1 CFM Status:Enabled This command displays configured maintenance domains. show ethernet cfm md Syntax: show ethernet cfm md [level level] level – Maintenance level. (Range: 0-7) This example shows all configured maintenance domains.
Connectivity Fault Management This example shows all MEPs configured on this device for maintenance domain rd. Console#show ethernet cfm maintenance-points local mep MPID MD Name Level Direct VLAN Port CC Status MAC Address ---- ---------------- ----- ------ ---- -------- --------- ----------------1 rd 0 UP 1 Eth 1/ 1 Enabled 00-12-CF-3A-A8-C0 This command displays detailed CFM information about a specified local MEP in the continuity check database.
Connectivity Fault Management This command displays detailed CFM information about a specified remote MEP in the continuity check database. show ethernet cfm maintenance-points remote detail Syntax: show ethernet cfm maintenance-points remote detail {mac mac-address | mpid mpid} [domain domain-name | level level-id | ma ma-name] mac-address – MAC address of a remote maintenance point.
Operation, Administration and Maintenance This command displays information about remote maintenance points configured statically in a cross-check list. show ethernet cfm maintenance-points remote crosscheck Syntax: show ethernet cfm maintenance-points remote crosscheck [domain domain-name | mpid mpid] domain-name – Domain name. (Range: 1-43 alphanumeric characters) mpid – Maintenance end point identifier. (Range: 1-8191) This example shows all remote MEPs statically configured on this device.
Operation, Administration and Maintenance This example displays counters for OAM PDU message types. Console# show efm oam counters interface 1/1 Port OAMPDU Type TX RX ---- --------------------- ---------- ---------1/1 Information 1121 1444 1/1 Event Notification 0 0 1/1 Loopback Control 1 0 1/1 Organization Specific 76 0 This command displays the OAM event log for the specified port(s) or for all ports that have logs.
Operation, Administration and Maintenance This command displays OAM configuration settings and event counters. show efm oam status interface Syntax: show efm oam status interface [interface-list] [brief] interface-list - unit/port unit - Unit identifier. (Range: 1) port - Port number or list of ports. To enter a list, separate nonconsecutive port identifiers with a comma and no spaces; use a hyphen to designate a range of ports. (Range: 1-12) brief - Displays a brief list of OAM configuration states.
Operation, Administration and Maintenance 36 Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002348-02
Chapter ACL and QoS Diagnostics 5 This chapter provides diagnostic information for Access Control List (ACL) and Quality of Service (QoS) environments, including traffic management. ACLs Access Control List (ACL) show commands help users to diagnose and determine the cause of faults for ACL-related features. For details on Layer 2 ACLs, refer to the Layer 2 ACL chapter in the Brocade BR6910 Configuration Guide.
QoS QoS Quality of Service (QoS) features prioritize the use of bandwidth in a switch. When QoS features are enabled, traffic is classified as it arrives at the switch, and processed on the basis of configured priorities. Traffic can be dropped, prioritized for delivery, or subjected to limited delivery options, depending on how you configure QoS features. QoS show commands show qos map trust-mode Syntax: show qos map trust-mode interface interface interface ethernet unit/port unit - Unit identifier.
QoS show qos map dscp-mutation Syntax: show qos map cos-dscp interface interface interface ethernet unit/port unit - Unit identifier. (Range: 1) port - Port number. (Range: 1-12) port-channel channel-id (Range: 1-12) This map is only used when the QoS mapping mode is set to “DSCP” by the qos map trust-mode command, and the ingress packet type is IPv4.
QoS show queue mode Syntax: show queue mode This command shows the current queue mode. Console# show queue mode Queue Mode : Weighted Round Robin Mode show queue weight Syntax: show queue weight This command displays the weights used for the weighted queues.
Chapter 6 Security Diagnostics This chapter describes diagnostic information for security environments on the Brocade 6910 series switches. 802.1x 802.1x port security allows you to configure a Brocade device to grant access to a port based on information supplied by a client to an authentication server. This section describes how to use show commands to monitor 802.1x configurations and activity on Brocade 6910 series switches. 802.1x show commands You can display the following 802.
802.1x 802.
802.1x Backend State Machine State : Initialize Request Count : 0 Identifier (Server) : 0 Reauthentication State Machine State : Initialize show dot1x statistics Syntax: show dot1x statistics interface ethernet unit/port unit - Unit identifier. (Range: 1) port - Port number. (Range: 1-12) This command displays 802.1x statistics for a specified port, as shown in the following example.
Port loop detection Port loop detection Brocade port loop detection allows the Brocade device to detect loops and disable a port that is on the receiving end of a loop. A loop is detected by sending test packet BPDUs. Port loop detection show commands show spanning-tree Syntax: show spanning-tree [interface] interface ethernet unit/port unit - Unit identifier. (Range: 1) port - Port number.
Port mirroring and monitoring Port mirroring and monitoring You can monitor the traffic on the Brocade ports by configuring another port to mirror the traffic on the ports you want to monitor. The port thus configured is called a mirror port. By attaching a protocol analyzer to the mirror port, you can observe the traffic on the monitored ports.
RADIUS RADIUS show commands show radius-server Syntax: show radius-server This command displays information about all RADIUS servers configured on the device. Console# show radius-server Remote RADIUS Server Configuration: Global Settings: Authentication Port Number Accounting Port Number Retransmit Times Request Timeout : : : : 1812 1813 2 5 Server 1: Server IP Address Authentication Port Number Accounting Port Number Retransmit Times Request Timeout : : : : : 10.11.12.
SNMP Configuration notes • You must deploy at least one RADIUS server in your network to provide authentication services. • Brocade devices support authentication using up to five RADIUS servers. The device tries to use the servers in the order you add them to the device’s configuration. If one RADIUS server is not responding, the Brocade device tries the next one in the list.
SNMP 0 Get-next PDUs 0 Set-request PDUs 0 SNMP packets output 0 Too big errors 0 No such name errors 0 Bad values errors 0 General errors 0 Response PDUs 0 Trap PDUs SNMP Logging: Disabled show snmp engine-id Syntax: show snmp engine-id This command displays the engine ID of a switch, as shown in the following example.
TACACS and TACACS+ show snmp user Syntax: show snmp user This command displays the definition of local and remote SNMP user accounts, as shown in the following example.
TACACS and TACACS+ Remote TACACS+ Server Configuration: Global Settings: Server Port Number : 49 Retransmit Times : 2 Timeout : 5 Server 1: Server IP Address Server Port Number Retransmit Times Timeout : : : : 10.11.12.13 49 2 4 Tacacs Server Group: Group Name Member Index ------------------------- ------------tacacs+ 1 show users Syntax: show users This command displays the privilege level of users of all management interfaces.
Telnet and SSH connections • If you erase a tacacs-server host command (by entering the no form of the command), make sure you also erase the authentication login commands that specify only TACACS or TACACS+ as an authentication method. Otherwise, when you exit from the CONFIG mode or from a Telnet session, the system continues to believe that TACACS or TACACS+ is enabled and you will not be able to access the system.
SNTP SNTP The Simple Network Time Protocol (SNTP) server enables the device to synchronize its clock with an upstream time server. The SNTP server also allows the Brocade device to function as an SNTP server to its downstream clients. SNTP show commands show sntp Syntax: show sntp This command displays information about the SNTP server. Console# show sntp Current Time : Nov 5 18:51:22 2006 Poll Interval : 16 seconds Current Mode : Unicast SNTP Status : Enabled SNTP Server : 137.92.140.80 0.0.0.0 0.0.0.
Chapter 7 Forwarding Diagnostics This chapter describes diagnostics for forwarding protocols and environments on Brocade BR6910 series switches. Trunking Trunk groups are manually-configured aggregate links containing multiple ports. Trunk groups enable load sharing of traffic, and they also provide redundant, alternate paths for traffic if any of the segments fail. Trunking show commands Trunk group configuration information can be displayed.
Trunking show lacp counters Syntax: show lacp channel-id counters This command displays information about the LACP packets sent and received by this trunk. Command output resembles the following example.
Trunking Partner Oper Port Number Port Admin Priority Port Oper Priority Admin Key Oper Key Admin State Oper State : : : : : : 3 32768 32768 0 3 defaulted, distributing, collecting, synchronization, long timeout, : distributing, collecting, synchronization, aggregation, long timeout, LACP-activity ... show lacp sysid Syntax: show lacp sysid This command displays a summary of the system priority and MAC address for all channel groups. Command output resembles the following example.
Trunking 56 Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002348-02
Diagnostic Command Index C CFM maintenance end point, 30 maintenance intermediate point, 30 M maintenance end point, CFM, 30 maintenance intermediate point, CFM, 30 P ping, 10 ping6, 10 S show access-list, 37 show access-list tcam-utilization, 5 show alarm-status, 4 show dot1x, 41 show dot1x interface, 42 show dot1x statistics, 43 show interfaces brief, 14 show interfaces counters ethernet, 14 show interfaces status, 27 show interfaces status ethernet, 15 show interfaces status port-channel, 53 show int
58 Brocade 6910 Ethernet Access Switch Diagnostic Guide 53-1002348-02