Avaya Virtual Services Platform 4000 Troubleshooting Release 5.1.2 NN46251-700 Issue 09.
© 2013-2017, Avaya, Inc. All Rights Reserved. Notice While reasonable efforts have been made to ensure that the information in this document is complete and accurate at the time of printing, Avaya assumes no liability for any errors. Avaya reserves the right to make changes and corrections to the information in this document without the obligation to notify any person or organization of such changes.
documentation, Hosted Service, and the product provided by Avaya including the selection, arrangement and design of the content is owned either by Avaya or its licensors and is protected by copyright and other intellectual property laws including the sui generis rights relating to the protection of databases. You may not modify, copy, reproduce, republish, upload, post, transmit or distribute in any way any content, in whole or in part, including any code and software unless expressly authorized by Avaya.
Contents Chapter 1: Introduction.......................................................................................................... 10 Purpose................................................................................................................................ 10 Related resources................................................................................................................. 10 Support..........................................................................................
Contents Configuring a UNIX system log and syslog host....................................................................... 46 Job aid........................................................................................................................... 49 Configuring secure forwarding................................................................................................ 50 Variable definitions...................................................................................................
Contents Viewing and deleting debug files........................................................................................... 105 Configuring port mirroring..................................................................................................... 110 Configuring global mirroring actions with an ACL................................................................... 113 Configuring ACE actions to mirror.........................................................................................
Contents Autogenerated CFM...................................................................................................... 155 Configuring explicit mode CFM....................................................................................... 159 Displaying SPBM nodal configuration.............................................................................. 166 Configuring simplified CFM SPBM..................................................................................
Contents Troubleshooting IPv6 VRRP................................................................................................. 231 VRRP transitions................................................................................................................. 231 Enabling trace messages for IPv6 VRRP troubleshooting....................................................... 232 Risks associated with enabling trace messages.....................................................................
Contents Viewing IGMP interface information...................................................................................... 290 Viewing IGMP snoop trace information.................................................................................. 292 Viewing IGMP group information.......................................................................................... 293 Viewing multicast group sources...........................................................................................
Chapter 1: Introduction Purpose This document provides information on features in VSP Operating System Software (VOSS). VOSS runs on the following product families: • Avaya Virtual Services Platform 4000 Series • Avaya Virtual Services Platform 7200 Series • Avaya Virtual Services Platform 8000 Series This troubleshooting document describes common problems and error messages, provides information about traps and command logging, and provides techniques you can use to resolve common problems.
Related resources Viewing Avaya Mentor videos Avaya Mentor videos provide technical content on how to install, configure, and troubleshoot Avaya products. About this task Videos are available on the Avaya Support website, listed under the video document type, and on the Avaya-run channel on YouTube. Procedure • To find videos on the Avaya Support website, go to http://support.avaya.com and perform one of the following actions: - In Search, type Avaya Mentor Videos to see a list of the available videos.
Introduction 5. In the GENERAL NOTIFICATIONS area, select the required documentation types, and then click UPDATE. 6. Click OK. 7. In the PRODUCT NOTIFICATIONS area, click Add More Products. 8. Scroll through the list, and then select the product name. 9. Select a release version. 10. Select the check box next to the required documentation types. January 2017 Troubleshooting Comments on this document? infodev@avaya.
Support 11. Click Submit. Support Go to the Avaya Support website at http://support.avaya.com for the most up-to-date documentation, product notices, and knowledge articles. You can also search for release notes, downloads, and resolutions to issues. Use the online service request system to create a service request. Chat with live agents to get answers to questions, or request an agent to connect you to a support team if an issue requires additional expertise.
Introduction 3. In the Search dialog box, select the option In the index named .pdx. 4. Enter a search word or phrase. 5. Select any of the following to narrow your search: • Whole Words Only • Case-Sensitive • Include Bookmarks • Include Comments 6. Click Search. The search results show the number of documents and instances found. You can sort the search results by Relevance Ranking, Date Modified, Filename, or Location. The default is Relevance Ranking.
Chapter 2: Safety messages This section describes the different precautionary notices used in this document. This section also contains precautionary notices that you must read for the safe operation of Avaya Virtual Services Platform 4000 Series. Notices Notice paragraphs alert you about issues that require your attention. The following sections describe the types of notices.
Safety messages El aviso de ESD brinda información acerca de cómo evitar una descarga de electricidad estática y el daño posterior a los productos Avaya. Electrostatic alert: CUIDADO ESD Os avisos do ESD oferecem informações sobre como evitar descarga de eletricidade estática e os conseqüentes danos aos produtos da Avaya. Electrostatic alert: ATTENZIONE ESD Le indicazioni ESD forniscono informazioni per evitare scariche di elettricità statica e i danni correlati per i prodotti Avaya.
Chapter 3: New in this document The following section details what is new for this release in Troubleshooting of Avaya Virtual Services Platform 4000 Series, NN46251-700. Features Release 5.1.2 The following features are included in Release 5.1.2: Secure syslog This release introduces the Secure syslog feature that provides security for the communication path between a syslog server and a syslog client.
New in this document Release 5.1.1 The following features are included in Release 5.1.1: RMON1 This release supports RMON1 so the RMON alarm traps were added to Standard traps on page 87. RMON2 was already supported in a previous release. Commands updates The current release updates the following commands to add more modules and increase the module range. Command Variables added show running-config module Adds the following modules: fa, fhs, ike, ipsec.
Chapter 4: Data collection required for Technical Support cases Use the following sections to learn about how to gather information before you contact Avaya for technical support. Data collection for an outage Perform the following data collection procedures when Avaya Virtual Services Platform 4000 Series is in an outage condition and you require Avaya Technical Support to perform a root cause analysis.
Data collection required for Technical Support cases Example The following example shows output of the flight-recorder all 1 command. VSP-4850GTS-PWR+:1#flight-recorder all 1 Processing Flight-recorder snapshot for 1 .... Flight-recorder snapshot for slot 1 complete, filename is /intflash/PMEM/1/pmem. 20111019114431.1.bin.gz. Processing Flight-recorder trace for 1 .... Flight-recorder trace for slot 1 complete, filename is /intflash/flrec/1/trace.2 0111019114434.1.txt.
Data collection for non outage problems Data collection for non outage problems Use the information in this section to collect data for problems that are less service-impacting than an outage. Gathering critical information This section identifies the critical information that you must gather before you contact Avaya Technical Support. You must attempt to resolve the problem using this document.
Chapter 5: Troubleshooting planning fundamentals You can better troubleshoot the problems on the network by planning for these events in advance. To do this, you must know the following: • that the system is properly installed and routinely maintained • the configuration of the network • the normal behavior of the network Proper installation and routine maintenance To prevent problems, follow proper maintenance and installation procedures.
Normal behavior on the network Logical connections Avaya Virtual Services Platform 4000 Series supports virtual LANs (VLAN). With VLANs, you must know how the devices connect logically as well as physically. Device configuration information Maintain online and paper copies of the device configuration information. Store all online data with the regular data backup for the site.
Troubleshooting planning fundamentals network, you compile normal data for your network. You can compare this normal data against the results that you get when the network experiences trouble. For example, ping each node to discover how long it typically takes to receive a response from devices on your network. Capture and save each response time and you can use these baseline response times to help you troubleshoot.
Chapter 6: Troubleshooting fundamentals This section provides conceptual information and helpful tips for common problems. Connectivity problems Use the following general tasks to isolate connectivity problems: • Check physical connectivity. Verify if an alarm for link or port down exists. • Check the link state by viewing the show interface {gigabitEthernet|loopback| vlan} command output. • Use tools like ping or trace to verify if the connectivity issue is localized to an individual port or VLAN.
Troubleshooting fundamentals 16 1/48-1/50 1/48-1/50 32 1/48-1/50 1/48-1/50 50 1/49 1/49 60 1/50 1/50 70 1/48 1/48 1/45,1/47 1/45,1/47 90 100 102 All 9 out of 9 Total Num of Port Entries displayed --More-- (q = quit) Routing table problems Routing table problems include but are not limited to: • inactive routes • unnecessary routes • black hole routes • flapping links (links that go up and come down) that cause the routes to flap • incorrect route tables • invalid Address Resolution Proto
Cable connection problems Cable connection problems You can usually trace port connection problems to a poor cable connection or to an improper connection of the port cables at either end of the link. To remedy such problems, make sure that the cable connections are secure and that the cables connect to the correct ports at both ends of the link. If you use homemade cables, ensure that the cables are wired correctly. 1000BASE-T cables 1 Gb/s ports operate using Category 5 UTP cabling only.
Chapter 7: Troubleshooting tool fundamentals This section provides conceptual information about the methods and tools that you can use to troubleshoot and isolate problems in the Avaya Virtual Services Platform 4000 Series network. Troubleshooting overview The types of problems that typically occur with networks involve connectivity and performance.
Digital Diagnostic Monitoring Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...00 12 f0 74 2a 87 ...... Broadcom NetLink (TM) Gigabit Ethernet - Packet Scheduler Miniport 0x3 ...00 14 38 08 19 c6 ...... Broadcom NetXtreme Gigabit Ethernet - Packet Scheduler Miniport 0x4 ...44 45 53 54 42 00 ......
Troubleshooting tool fundamentals Example VSP-4850GTS-PWR+:1#show pluggable-optical-modules config ================================================================================ Pluggable Optical Module Global Configuration ================================================================================ ddm-monitor : disabled ddm-monitor-interval : 5 ddm-traps-send : enabled ddm-alarm-portdown : disabled Flight Recorder The Flight Recorder is a high level term for the framework in place on Virtual Servi
Port mirroring Port mirroring Virtual Services Platform 4000 has a port mirroring feature that helps you monitor and analyze network traffic. Port mirroring supports both ingress (incoming traffic) and egress (outgoing traffic) port mirroring. When you enable port mirroring, the system forwards ingress or egress packets normally from the mirrored (source) port, and sends a copy of the packet to the mirroring (destination) port.
Troubleshooting tool fundamentals Function Support information Many to many (VLAN/multicast group ID) (multiple ports with several different destinations) Not supported Many to one (relation between Remote Mirror Source [RMS] and Remote Mirror Termination [RMT]) Not supported VLAN and port combination as a mirroring destination Not supported Ingress flow mirroring Supported Allow filters to specify a separate destination for each access control entry Supported The following table describes egre
Port mirroring To modify a port mirroring instance, first disable the instance. Also, to change a port or MLT entry, first remove whichever parameter is attached to the entry, and then add the required entry. ACLs, ACEs, and port mirroring You can configure an ACL or an ACE to perform the mirroring operation. To do so, you can configure the ACL global action to mirror, or you can configure the ACE action to mirror. If you use the global action, mirroring applies to all ACEs that match in an ACL.
Troubleshooting tool fundamentals General diagnostic tools Virtual Services Platform 4000 has diagnostic features available with Enterprise Device Manager (EDM) and Avaya command line interface (ACLI). You can use these diagnostic tools to help you troubleshoot operational and configuration issues. You can perform such tasks as configuring and displaying log files, viewing and monitoring port statistics, tracing a route, running loopback and ping tests, and viewing the address resolution table.
General diagnostic tools Activate tracing on one software module at a time. • Initially activate tracing at lower verbosity settings (that is, 2 rather than 3). Increase to verbosity level 3 or 4 only if required, and after level 2 runs safely. • Avoid leaving traces active for extended periods of time. For high CPU utilizations, a few seconds (typically less than 5 seconds) is generally sufficient to identify the cause for sustained high CPU utilization.
Chapter 8: Log and trap fundamentals Use the information in this section to help you understand Simple Network Management Protocol (SNMP) traps and log files, available as part of Avaya Virtual Services Platform 4000 Series System Messaging Platform. Overview of traps and logs System log messaging On a UNIX-based management platform, you can use system log (syslog) messaging to manage event messages.
Overview of traps and logs • Quality of Service (QoS) • Command line interface (CLI) log • software (SW) • Central Processing Unit (CPU) • Internet Protocol (IP) • Virtual Local Area Network (VLAN) • policy • Simple Network Management Protocol (SNMP) log The switch can send information in the system log file, including ACLI command log and the SNMP operation log, to a syslog server. View logs for CLILOG module to track all ACLI commands executed and for fault management purposes.
Log and trap fundamentals Table 4: Log commands accessible for various users Access level role Commands Administrator The remove and delete commands. No user at any access level. The following commands: • more • edit • rename • copy Administrator All configuration commands can only be accessed by the individual in the administrator role, other than the preceding commands. Administrator and auditor All show commands for log files. All users (Administrator, auditor, security, privilege, operator.
Simple Network Management Protocol After starting the syslog server, to ensure authentication, you must setup a remote port forwarding connection to connect the switch with the remote SSH client or the remote TLS server. Secure syslog using SSH: The syslog server is installed on a host that serves as SSH client. The SSH client requests a connection with the SSH server that resides on the switch.
Log and trap fundamentals Important: The switch does not reply to SNMP requests sent to the Virtual Router Redundancy Protocol (VRRP) virtual interface address; it does, however, reply to SNMP requests sent to the physical IP address. An SNMP manager and agent communicate through the SNMP protocol. A manager sends queries and an agent responds; however, an agent initiates traps.
Log message format The following messages are examples of an informational message for CLILOG: CP1 [07/18/14 13:23:11.253] 0x002c0600 00000000 GlobalRouter CLILOG INFO 135.55.40.200 rwa show log file name-of-file log.40300001.1806 13 TELNET: CP1 [07/18/14 13:24:19.739] 0x002c0600 00000000 GlobalRouter CLILOG INFO 135.55.40.200 rwa term more en 15 TELNET: CP1 [07/18/14 13:24:22.577] 0x002c0600 00000000 GlobalRouter CLILOG INFO 135.55.40.200 rwa show log 16 TELNET: CP1 [01/12/70 15:13:59.
Log and trap fundamentals Table 5: Severity levels Severity level Definition EMERGENCY A panic condition that occurs when the system becomes unusable. Usually a severity level of emergency is usually a condition where multiple applications or server are affected. You must correct a severity level of alert immediately. ALERT Any condition requiring immediate attention and correction.
Log files • Alert • Emergency The following table shows the default mapping of internal severity levels to syslog severity levels. Table 6: Default and system log severity level mapping UNIX system error codes System log severity level Internal severity level 0 Emergency Fatal 1 Alert — 2 Critical — 3 Error Error 4 Warning Warning 5 Notice — 6 Info Info 7 Debug — Log files The log file captures hardware and software log messages, and alarm messages.
Log and trap fundamentals Log file transfer The system logs contain important information for debugging and maintaining the switch. After the current log file reaches the configured maximum size, the system creates a new log file for logging. The system transfers old log files to a remote host. You can configure up to 10 remote hosts, which creates long-term backup storage of your system log files. Of the 10 configured remote hosts, 1 is the primary host and the other 9 are redundant.
Log file transfer Three parameters exist to configure the log file: • the minimum acceptable free space available for logging • the maximum size of the log file • the percentage of free disk space the system can use for logging Although these three parameters exist, you can only configure the maximum size of the log file. The switch does not support the minimum size and percentage of free disk space parameters. The internal flash must be less than 75% full for the system to log a file.
Chapter 9: Log configuration using ACLI Use log files and messages to perform diagnostic and fault management functions. Configuring a UNIX system log and syslog host Before you begin • You must log on to the Global Configuration mode in ACLI. About this task Configure the syslog to control a facility in UNIX machines that logs SNMP messages and assigns each message a severity level based on importance.
Configuring a UNIX system log and syslog host 7. View the configuration to ensure it is correct: show syslog [host <1–10>] Example Configure a UNIX system log host address to IPv4 address 47.17.143.52 and syslog host: VSP-4850GTS-PWR+:1(config)#syslog enable VSP-4850GTS-PWR+:1(config)#syslog host 7 address 1.1.1.1 VSP-4850GTS-PWR+:1(config)#syslog host 7 enable VSP-4850GTS-PWR+:1(config)#show syslog host 7 Id : 7 IpAddr : 1.1.1.
Log configuration using ACLI Variable Value ip-header-type Specifies the IP header in syslog packets to circuitless-ip or default. • If the value is default, the IP address of the VLAN is used for syslog packets that are transmitted in-band using input/ output (I/O) ports. • If the value is circuitless-ip, then for all syslog messages (in-band or out-of-band), the circuitless IP address is used in the IP header.
Configuring a UNIX system log and syslog host Variable Value secure-forwarding tcp-port <1025–49151> Set tcp-port for secure forwarding of syslog for host. The default tcp-port is 1025. Important: The tcp-port 6000 cannot be used, as it is used as an internal port for Internal Spanning Tree (IST). severity Specifies the severity levels for which to send syslog messages. The default is info, warning, error, and fatal.
Log configuration using ACLI Parameter Description Enable Enables or disables the sending of messages to the syslog host. The default is disabled. SecureForwardingMode Specifies the mode in which the syslog messages are securely forwarded. The supported values are ssh, tls, and none. The default is none, which means that secure forwarding is disabled. TcpPort Specifies the TCP port to use for secure forwarding for a particular host. The default is 1024.
Configuring secure forwarding show syslog host <1–10> 9. (Optional) Remove the server certificate name: no syslog host <1–10> secure-forwarding mode tls server-cert-name 10. (Optional) Set secure-forwarding mode to none for a particular host: default syslog host <1–10> secure-forwarding mode Next steps After configuring secure forwarding on the switch, set the syslog server to be able to see the log messages on the interactive syslog viewer.
Log configuration using ACLI Variable Value tcp-port <1025–49151> Set tcp-port for secure forwarding of syslog for host. The default tcp-port is 1025. To set the TCP port to default value, use command default syslog host <1–10> secure-forwarding tcp-port. Important: The tcp-port 6000 cannot be used, as it is used as an internal port for Internal Spanning Tree (IST). Installing root certificate for syslog client Use the following procedure to install a root certificate for a syslog client. Procedure 1.
Configuring logging Configuring logging Before you begin • You must log on to the Global Configuration mode in ACLI. About this task Configure logging to determine the types of messages to log and where to store the messages. Note: The platform logs CLILOG and SNMPLOG as INFO. Normally, if you configure the logging level to WARNING, the system skips all INFO messages. However, if you enable CLILOG and SNMPLOG the system logs ACLI Log and SNMP Log information regardless of the logging level you set.
Log configuration using ACLI Variable Value • 3: Manufacturing — this parameter is not available for customer use • 4: Fatal — only fatal messages are recorded screen Configures the log display on the screen to on. Use the no form of the command to stop the log display on the screen: no logging screen transferFile <1–10> address {A.B.C.D} filename-prefix WORD<0–200 Transfers the syslog file to a remote FTP/TFTP server. <1–10> specifies the file ID. The address {A.B.C.
Configuring system logging to external storage Table 10: Variable definitions Variable Value 1–10 Specifies the file ID to transfer. address {A.B.C.D} Specifies the IP address of the host to which to transfer the log file. The remote host must be reachable or the configuration fails. filename WORD<0-255> Specifies the name of the file on the remote host. If you do not configure a name, the current log file name is the default.
Log configuration using ACLI Variable Value the logs. The last three characters denote the sequence number of the log file. Multiple sequence numbers are generated for the same chassis and same slot, if the maximum log file size is reached. loadconfigtime Configures the timeout for loading the configuration file in seconds. The values are 0 to 300 seconds. multicast Configures the system multicast scaling parameter. The multicast scaling values are 0 to 2147483647.
Extending system message control Example VSP-4850GTS-PWR+:1(config)#sys msg-control action suppress-msg VSP-4850GTS-PWR+:1(config)#sys msg-control max-msg-num 10 VSP-4850GTS-PWR+:1(config)#sys msg-control control-interval 15 VSP-4850GTS-PWR+:1(config)#sys msg-control Variable definitions Use the data in the following table to use the sys msg-control command. Table 12: Variable definitions Variable Value action Configures the message control action.
Log configuration using ACLI Example VSP-4850GTS-PWR+:1> enable VSP-4850GTS-PWR+:1# configure terminal Add a force message control pattern. If you use a wildcard pattern (****), all messages undergo message control. VSP-4850GTS-PWR+:1(config)# sys force-msg **** Variable definitions Use the data in the following table to use the sys force-msg command. Table 13: Variable definitions Variable Value WORD<4-4> Adds a forced message control pattern, where WORD<4-4> is a string of 4 characters.
Viewing logs Example Display log file information: Switch:1>enable Switch:1#configure terminal Switch:1(config)#show logging file CP1 [02/06/15 22:38:20.678:UTC] 0x00270428 00000000 GlobalRouter cle: Start CP1 [02/06/15 22:38:21.770:UTC] 0x0027042b 00000000 GlobalRouter s sockserv started, pid:4794 CP1 [02/06/15 22:38:21.771:UTC] 0x0027042b 00000000 GlobalRouter s oom95 started, pid:4795 CP1 [02/06/15 22:38:21.771:UTC] 0x0027042b 00000000 GlobalRouter s oom90 started, pid:4796 CP1 [02/06/15 22:38:21.
Log configuration using ACLI CP1 [02/06/15 22:40:45.839:UTC] 0x000045e5 00400005 DYNAMIC SET GlobalRouter SN MP INFO Sending Cold-Start Trap Variable definitions Use the data in the following table to use the show logging file command. Table 14: Variable definitions Variable Value alarm Displays alarm log entries. CPU WORD<0-100> Specifies the CPU event code and filename. event-code WORD<0–10> Specifies a number that precisely identifies the event reported.
Configuring ACLI logging About this task Note: The platform logs CLILOG and SNMPLOG as INFO. Normally, if you configure the logging level to WARNING, the system skips all INFO messages. However, if you enable CLILOG and SNMPLOG the system logs ACLI Log and SNMP Log information regardless of the logging level you set. This is not the case for other INFO messages. Procedure 1. Enter Global Configuration mode: enable configure terminal 2. Enable ACLI logging: clilog enable 3.
Log configuration using ACLI CP1 rwa CP1 rwa CP1 rwa CP1 rwa CP1 rwa CP1 rwa CP1 rwa CP1 rwa CP1 rwa CP1 rwa CP1 rwa CP1 rwa [02/15/13 06:50:25.972] ena [02/15/13 06:50:30.288] conf t [02/15/13 06:50:39.412] show vlan basic [02/15/13 06:51:09.488] show isis spbm [02/15/13 06:56:00.992] spbm 23 b-vid 2 primar1 [02/15/13 06:56:59.092] show isis [02/15/13 07:10:54.928] show isis interface [02/15/13 07:12:33.404] show isis spbm [02/15/13 07:45:28.596] ena [02/15/13 07:45:30.236] conf t [02/15/13 07:46:29.
Chapter 10: Log configuration using EDM Use log files and messages to perform diagnostic and fault management functions. This section provides procedures to configure and use the logging system in Enterprise Device Manager (EDM). Configuring the system log About this task Configure the system log to track all user activity on the device. The system log can send messages of up to ten syslog hosts. Procedure 1. In the navigation tree, expand the following folders: Configuration > Edit > Diagnostics. 2.
Log configuration using EDM Name Description OperState Specifies the operational state of the syslog service. The default is active. Header Specifies the IP header in syslog packets to circuitlessIP, default, or managementVIP. • If the value is circuitlessIP, the circuitless IP address is used in the IP header for all syslog messages (in-band or out-of-band). If you configure multiple circuitless IPs, the first circuitless IP configured is used. The default value is default.
Configuring the system log table Name Description AddressType Specifies if the address is an IPv4 or an IPv6 address. Address Specifies the IP address of the syslog host. You can log system log messages to external system log hosts with both IPv4 and IPv6 addresses. UdpPort Specifies the UDP port to use to send messages to the syslog host (514–530). The default is 514. Enable Enables or disables the sending of messages to the syslog host. The default is disabled.
Chapter 11: SNMP trap configuration using ACLI Use Simple Network Management Protocol (SNMP) traps and notifications to gather information about device activities, alarms, and other information on management stations. For more information about how to configure SNMP community strings and related topics, see Security for Avaya Virtual Services Platform 4000 Series, NN46251-601. Configuring an SNMP host Before you begin • You must log on to the Global Configuration mode in ACLI.
Configuring SNMP interfaces Example Configure the target table entry: Switch:1>enable Switch:1#configure terminal Switch:1(config)#snmp-server host 198.202.188.207 port 162 v2c ReadView inform timeout 1500 retries 3 mms 484 Variable definitions Use the data in the following table to use the snmp-server host command. Table 16: Variable definitions Variable Value inform [timeout <1-2147483647>] [retries <0-255>] [mms <0-2147483647>] Sends SNMP notifications as inform (rather than trap).
SNMP trap configuration using ACLI About this task Configure an interface to send SNMP traps. If the Avaya Virtual Services Platform 4000 Series has multiple interfaces, configure the IP interface from which the SNMP traps originate. Procedure 1. Configure the destination and source IP addresses for SNMP traps: snmp-server sender-ip {A.B.C.D} {A.B.C.D} 2. If required, send the source address (sender IP) as the sender network in the notification message: snmp-server force-trap-sender enable 3.
Configuring SNMP interfaces Variable Value contact WORD<0–255> Changes the sysContact information for Virtual Services Platform 4000. WORD<0-255> is an ASCII string from 0–255 characters (for example a phone extension or e-mail address). force-iphdr-sender enable Automatically configures the SNMP and IP sender to the same value. The default is no force-iphdr-sender enable. force-trap-sender enable Sends the configured source address (sender IP) as the sender network in the notification message.
SNMP trap configuration using ACLI Variable Value notify-filterWORD<1–32> Creates a new entry in the notify filter table. The first WORD<1-32> specifies the filter profile name, and the second WORD<1-32> specifies the subtree OID. sender-ip Configures the SNMP trap receiver and source IP addresses. Specify the IP address of the destination SNMP server that receives the SNMP trap notification in the first IP address.
Enabling SNMP trap logging About this task Note: The platform logs CLILOG and SNMPLOG as INFO. Normally, if you configure the logging level to WARNING, the system skips all INFO messages. However, if you enable CLILOG and SNMPLOG the system logs ACLI Log and SNMP Log information regardless of the logging level you set. This is not the case for other INFO messages. Procedure 1. Enter Global Configuration mode: enable configure terminal 2. Enable SNMP trap logging: snmplog enable 3.
SNMP trap configuration using ACLI Variable Value Use the command no snmplog enable to disable the logging of traps. file [grep WORD<1–255>|tail] The parameter only applies to log files generated by releases prior to Release 3.2: Shows the trap log file stored on external flash. You can optionally specify search or display parameters: • grep WORD<1–255> performs a string search in the log file. WORD<1–255> is the string, of up to 255 characters in length, to match. • tail shows the last results first.
Chapter 12: SNMP trap configuration using EDM Use Simple Network Management Protocol (SNMP) traps and notifications to gather information about device activities, alarms, and other information on management stations. This section provides procedures to configure and use SNMP traps in Enterprise Device Manager (EDM). For information about how to configure SNMP community strings and related topics, see Security for Avaya Virtual Services Platform 4000 Series, NN46251-601.
SNMP trap configuration using EDM Target Table field descriptions Use the data in the following table to use the Target Table tab. Name Description Name Specifies a unique identifier for this table. The name is a community string. TDomain Specifies the transport type of the address. ipv4Tdomain specifies the transport type of address is an IPv4 address. ipv6Tdomain specifies the transport type of address is IPv6. The default is ipv4Tdomain. TAddress Specifies the transport address in xx.xx.xx.
Configuring target table parameters Configuring target table parameters About this task Configure the target table to configure the security parameters for SNMP. Configure the target table to configure parameters such as SNMP version and security levels. Procedure 1. In the navigation tree, expand the following folders: Configuration > Edit > SnmpV3. 2. Click Target Table. 3. Click the Target Params Table tab. 4. Click Insert. 5. In the Name box, type a target table name. 6.
SNMP trap configuration using EDM Configuring SNMP notify filter profiles About this task Configure the SNMP table of filter profiles to determine whether particular management targets receive particular notifications. Procedure 1. In the navigation tree, expand the following folders: Configuration > Edit > SnmpV3. 2. Click Notify Table. 3. Click the Notify Filter Table tab. 4. Click Insert. 5. In the NotifyFilterProfileName box, type a name for the notify filter profile. 6.
Enabling authentication traps About this task Configure the profile table to associate a notification filter profile with a particular set of target parameters. Procedure 1. In the navigation tree, expand the following folders: Configuration > Edit > SnmpV3. 2. Click Notify Table. 3. Click the Notify Filter Profile Table tab. 4. Click Insert. 5. In the TargetParamsName box, type a name for the target parameters. 6. In the NotifyFilterProfileName box, type a name for the notify filter profile. 7.
SNMP trap configuration using EDM Name Description AuthenticationTraps Enables or disables the sending of traps after an error occurs. The default is disabled. LastErrorCode Specifies the last reported error code. LastErrorSeverity Specifies the last reported error severity: 0= Informative Information 1= Warning Condition 2= Error Condition 3= Manufacturing Information 4= Fatal Condition January 2017 Troubleshooting Comments on this document? infodev@avaya.
Chapter 13: Traps reference The Virtual Services Platform 4000 generates alarms, traps, and logs. This section provides information about traps. Proprietary traps The following tables describe Avaya proprietary traps for Virtual Services Platform 4000. All of the following traps have a status of current. Table 19: 1.3.6.1.4.1.45.4.8.0.xx series OID Notification type Objects Description 1.3.6.1.4.1.45.4.8.0.
Traps reference OID Notification type Objects Description Tree Protocol has gone due a topology change event. 1.3.6.1.4.1.2272.1. rcnChasPowerSu 21.0.6 pplyDown rcChasPowerSupplyId rcChasPowerSupplyOp erStatus An rcnChasPowerSupplyDown trap signifies that the SNMPv2 entity, acting in an agent role, has detected that the rcChasPowerSupplyOperStatus object for one of its power supply unit is about to transition into the down state. 1.3.6.1.4.1.2272.1. rcnChasFanDow 21.0.
Proprietary traps OID Notification type Objects Description 1.3.6.1.4.1.2272.1. rcnSmltLinkDown 21.0.20 rcMltSmltId An rcnSmltLinkDown trap signifies that the split SMLT link is down. 1.3.6.1.4.1.2272.1. rcnChasFanUp 21.0.21 rcChasFanId rcChasFanOperStatus An rcnChasFanUp trap signifies that the SNMPv2 entity, acting in an agent role, has detected that the rcChasFanOperStatus object for one of its power supply unit is about to transition into the up state. 1.3.6.1.4.1.2272.1. rcnPasswordCha 21.0.
Traps reference OID Notification type Objects Description 1.3.6.1.4.1.2272.1. rcnLogMsgContro rcSysMsgLogFrequenc 21.0.60 l y rcSysMsgLogText An rcnLogMsgControl trap signifies whether the number of times of repetition of the particular Log message has exceeded the particular frequency/count or not. 1.3.6.1.4.1.2272.1. rcnSaveConfigFil 21.0.61 e An rcnSaveConfig trap signifies that either the runtime config or the boot config has been saved on the switch. rcSysActionL1 rcSysConfigFileName 1.3.6.1.
Proprietary traps OID Notification type Objects Description table of the virtual router has dropped below the warning threshold. 1.3.6.1.4.1.2272.1. rcnMaxRouteWar 21.0.111 nSet rcVrfName An rcnMaxRouteWarnSet trap signifies that the virtual router routing table is reaching its maximum size. Take action to prevent this. 1.3.6.1.4.1.2272.1. rcnMaxRouteDro 21.0.
Traps reference OID Notification type Objects Description 1.3.6.1.4.1.2272.1. rcnChasPowerSu 21.0.167 pplyNoRedundan cy — An rcnChasPowerSupplyNoRedundancy trap signifies that the chassis is running on power supply without redundancy. 1.3.6.1.4.1.2272.1. rcnChasPowerSu 21.0.168 pplyRedundancy — An rcnChasPowerSupplyRedundancy trap signifies that the chassis is running on power supply with redundancy. 1.3.6.1.4.1.2272.1. rcnLicenseTrialP 21.0.
Proprietary traps OID Notification type Objects Description 1.3.6.1.4.1.2272.1. rcnIsisPlsbLsdbU 21.0.194 pdateTrap rcIsisPlsbTrapType An rcnIsisPlsbLsdbUpdateTrap signifies that link state database (LSDB) information has changed. 1.3.6.1.4.1.2272.1. rcnChasFanCooli 21.0.196 ngLow rcChasFanOperStatus rcChasFanType rcErrorLevel rcErrorText An rcnaChasFanCoolingLow trap signifies that the chassis is running on low fan cooling. 1.3.6.1.4.1.2272.1. rcnIsisPlsbBvidMi rcIsisLocalSysId 21.0.
Traps reference OID Notification type Objects Description 1.3.6.1.4.1.2272.1. rcnIsisPlsbAdjSta 21.0.281 teTrap rcIsisNgbSysId rcIsisLocalInterface rcIsisPlsbTrapType rcIsisAdjState rcIsisNgbHostName An rcnIsisPlsbAdjStateTrap signifies when IS-IS adjacency state changes. 1.3.6.1.4.1.2272.1. rcnIsisPlsbDuplic 21.0.
Standard traps OID Notification type Objects rcIsisSmltVirtBmacMisc onfigNodeHostName Description rcIsisTrapIndicator Table 21: 1.3.6.1.4.1.2272.1.206.x.x.x series OID Notification type Objects Description 1.3.6.1.4.1.2272.1. rcVrrpTmpTrapNe rcVrrpTmpOperationsM 206.1.0.1 wMaster asterIpAddr rcVrrpTmpNewMasterR eason 1.3.6.1.4.1.2272.1. rcVrrpExtTrapStat ifIndex 206.2.2.
Traps reference OID Notification type Objects Description 1.3.6.1.2.1.46.1.3. 0.3 vrrpTrapStateTra nsition ifIndex vrrpTrapStateTransition Type vrrpTrapStateTransition Cause vrrpOperVrId vrrpOperIpAddr ipAdEntAddr A vrrpTrapStateTransition trap signifies a state transition has occurred on a particular Virtual Router Redundancy Protocol (VRRP) interface. Implementation of this trap is optional.
Standard traps OID Notification type Objects Description pingResultsAverageRtt pingResultsProbeResp onses pingResultsSentProbes pingResultsRttSumOfS quares pingResultsLastGoodPr obe 1.3.6.1.2.1.80.0.
Traps reference OID Notification type Objects Description AddrType traceRouteResultsIpTgt Addr 1.3.6.1.6.3.1.1.5.1 coldStart — A coldStart trap signifies that the SNMPv2 entity, acting in an agent role, is reinitializing and that its configuration may have been altered. 1.3.6.1.6.3.1.1.5.2 warmStart — A warmStart trap signifies that the SNMPv2 entity, acting in an agent role, is reinitializing such that its configuration is unaltered. 1.3.6.1.6.3.1.1.5.
Chapter 14: Hardware troubleshooting The following sections provide troubleshooting information for common hardware problems. Using trace to diagnose hardware problems Before you begin • You must log on to the Privileged EXEC mode in ACLI. About this task Use trace to observe the status of a hardware module at a given time. Procedure 1. Begin the trace operation: line-card 1 trace level [{67–179} {0–4}] 2.
Hardware troubleshooting Table 23: Variable definitions Variable Value {67–179} {0–4} Starts the trace by specifying the module ID and level. <67-179> specifies the module ID. <0-4> specifies the trace level from 0–4, where 0 is disabled; 1 is very terse; 2 is terse; 3 is very verbose, 4 is verbose. WORD<0–1024> Performs a string search in the trace. Troubleshooting USB viewing problems After you insert a USB device in the USB slot, the Linux system automatically detects and mounts the device.
Troubleshooting USB viewing problems 6. If errors are detected, then you can reformat the device: dos-format /usb Caution: If you format the device, you erase all data on the device. Example Check the file system: Switch:1>enable Switch:1#ls /usb/ Listing Directory /usb/: drwxr-xr-x 4 0 0 4096 Jan 1 1970 ./ drwxrwxr-x 22 0 0 0 Sep 9 20:22 ..
Chapter 15: Software troubleshooting This section contains general troubleshooting information for Avaya Virtual Services Platform 4000 Series software. Failure to read failed configuration file The device can fail to read and load a saved configuration file after it starts. This situation occurs if you enable the factorydefaults boot configuration flag. Configure the flag to false: no boot config flags factorydefaults.
Debug files software but it does not work. You must download and install the encryption modules separately from the software releases. Debug files Virtual Services Platform 4000 stores debug files in the intflash directory. The debug file is in a zipped format and contains information to help debug the device, including: • a memory snapshot • logs • traces Avaya recommends you delete these files to ensure enough space exists in the internal flash on the CP module. New files do not overwrite old files.
Chapter 16: Software troubleshooting tool configuration using ACLI Use the tools described in this section to perform troubleshooting procedures using ACLI. Using ACLI for troubleshooting Before you begin • You must log on to at least Privileged EXEC mode in ACLI to use the show runningconfig and show interfaces commands in this procedure. About this task You can use ACLI to provide diagnostic information. Procedure 1. Disable scrolling of the output display: terminal more disable 2.
Using ACLI for troubleshooting policer {slot/port[-slot/port][,...]}|rmon {slot/port[-slot/port] [,...]}[history]|verbose {slot/port[-slot/port][,...]}> Note: This show interfaces gigabitEthernet statistics rmon command displays information only if you previously configured rmon stats or rmon history. 6. Capture the output for the following command after you observe a problem with the device: show interfaces gigabitEthernet error {slot/ port[-slot/port][,...
Software troubleshooting tool configuration using ACLI BaseMacAddr MacAddrCapacity : b0:ad:aa:54:d8:00 : 256 Temperature System MTU : 31 : 9600 --More-- (q = quit) Capture the output for the following command after you observe a problem with the device: VSP-4850GTSPWR+:1#show interfaces gigabitethernet statistics ================================================================================ Port Stats Interface ================================================================================ PORT IN
Using ACLI for troubleshooting Variable definitions Use the data in the following table to use the more command. Variable Value WORD<1–99> Specifies the file name to view. Provide the filename in one of the following formats: a.b.c.d:, / intflash/. Use the data in the following table to use the show running-config command.
Software troubleshooting tool configuration using ACLI Using software record dumps About this task Capture a dump of the software records from ingress traffic to help troubleshoot performance problems. Generally, a verbosity level of 1 suffices. Procedure Dump software record information: dump ar <1–12> WORD<1-1536> <0-3> Example VSP-4850GTSPWR+:1>enable VSP-4850GTSPWR+:1(config)#dump ar 1 vlan 1 Variable definitions Use the data in the following table to use the dump ar command.
Using trace to diagnose problems clear trace 2. Identify the module ID for which you want to use the trace tool: show trace modid-list 3. Begin the trace operation: trace level [<0-234>] [<0-4>] 4. Wait approximately 30 seconds. The default trace settings for CPU utilization are: • High CPU Utilization: 90% • High Track Duration: 5 seconds • Low CPU Utilization: 75% • Low Track Duration: 5 seconds 5. Stop tracing: trace shutdown 6. View the trace results: show trace file [tail] 7.
Software troubleshooting tool configuration using ACLI 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 - BRIDGE OSPF HWIF SIM CPP NETDRV VLAN_MGR CLI MAIN P2IP RCIP WEBSRV ACIF GBIF TDP MAN_DIAG MAN_TEST 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 - LOOPBACK SPBM MRP EFM DHU DHCPSNOOP DAI ERCD_DHCPS KHI NETWRS NETINET OS VXNET USR VXCONFIG OSAL MISC SHELL --More-- (q = quit) Begin the trace operation: Switch:1#trace level 2 3 Stop tracing: Switch:1#trace shutdown Save th
Using trace to diagnose IPv6 problems Variable Value grep [WORD<0-128>] Search trace results for a specific string value, for example, the word error. Performs a comparison of trace messages. level [<0-234>] [<0-4>] Starts the trace by specifying the module ID and level. • <0-234> specifies the module ID. • <0-4> specifies the trace level from 0–4, where 0 is disabled; 1 is very terse; 2 is terse; 3 is very verbose, 4 is verbose. route-map Enables or disables the trace route-map.
Software troubleshooting tool configuration using ACLI enable 2. Activate or deactivate the trace for the IPv6 base: trace ipv6 base 3. Activate or deactivate the trace for IPv6 forwarding: trace ipv6 forwarding 4. Activate or deactivate the trace for IPv6 neighbor discovery: trace ipv6 nd 5.
Viewing and deleting debug files Switch:1#trace shutdown Switch:1#clear trace Removed 5 files. Variable definitions Use the data in the following table to use the trace ipv6 command. Table 27: Variable definitions Variable Value base Enables or disables a specific trace category for IPv6 base. forwarding Enables or disables a specific trace category for IPv6 forwarding.
Software troubleshooting tool configuration using ACLI • wd_stats If you want to delete a specific file, you must use the remove command. For more information, see Commands Reference for Avaya Virtual Services Platform 4000 Series, NN46251-104. Procedure 1. Log on to the switch to enter User EXEC mode. 2. View debug files: show debug-file [all][{slot[-slot][,...]] 3. Delete debug files: debug-file remove [all][{slot[-slot][,...]] 4. Enter Privileged EXEC mode: enable 5.
Viewing and deleting debug files 4. Size: Created: File: Size: Created: 1170432 bytes Tue Jun 12 08:55:56 2012 core.coreManager.x.20120612085558.2.tar 1883136 bytes Tue Jun 12 08:56:00 2012 ================================================================================ Archive Files ================================================================================ Directory: /intflash/archive/1 1. File: archive.20120611083021.1.tar Size: 34296320 bytes Created: Mon Jun 11 08:30:22 2012 2. File: archive.
Software troubleshooting tool configuration using ACLI ================================================================================ DMalloc Files ================================================================================ ================================================================================ Flrec Files ================================================================================ ================================================================================ WdStats Files ===========
Viewing and deleting debug files 2. 3. Size: Created: File: Size: Created: File: Size: Created: 1550336 bytes Mon Jun 11 16:35:40 2012 archive.20120611164436.SF4.tar 1781248 bytes Mon Jun 11 16:44:39 2012 archive.20120611164549.SF4.tar 1811968 bytes Mon Jun 11 16:45:53 2012 ================================================================================ PMEM Files ================================================================================ Directory: /intflash/PMEM/4 1. File: pmem.20120607194023.4.
Software troubleshooting tool configuration using ACLI 9. File: Size: Created: 10. File: Size: Created: 11. File: Size: Created: core.cbcp-main.x.20130220143809.1.tar 13969920 bytes Wed Feb 20 14:38:10 2013 core.cbcp-main.x.20130225155025.1.tar 13526016 bytes Mon Feb 25 15:50:25 2013 core.cbcp-main.x.20130225155407.1.tar 12674560 bytes Mon Feb 25 15:54:07 2013 Variable definitions Use the data in the following table to use the show core-files command. Variable Value {slot[-slot][,...
Configuring port mirroring About this task Use port mirroring to aid in diagnostic and security operations. Use port mirroring to make a copy of a traffic flow and send that copy to a device for analysis, for example, for diagnostic sniffing. Use the mirror to see the packets in the flow without breaking into the physical connection to place a packet onto the sniffer inline. You can also use port mirroring for security. You can send flows to inspection engines for post processing.
Software troubleshooting tool configuration using ACLI VSP-4850GTSPWR+:1(config)# no mirror-by-port 8 enable Mirror both ingress and egress traffic passing through port 1/16: VSP-4850GTSPWR+:1(config)# mirror-by-port 8 mode both Enable mirroring for the instance: VSP-4850GTSPWR+:1(config)# mirror-by-port 8 enable The following example shows sample command output; it does not necessarily reflect the preceding examples.
Configuring global mirroring actions with an ACL Variable Value Before you can modify an existing entry, you must disable the entry: no mirror-by-port <1-479> enable. monitor-port <1-479> {slot/port[-slot/port][,...]} Modifies the monitoring ports. Before you can modify an existing entry, you must disable the entry: no mirror-by-port <1-479> enable. monitor-vlan <1-479><1-4059> Modifies the monitoring VLAN.
Software troubleshooting tool configuration using ACLI Table 29: Variable definitions Variable Value <1-2048> Specifies an ACL ID from 1–2048. default-action Specifies the global action to take for packets that do not match an ACL. global-action {monitor-dst-mlt Specifies the global action to take for matching ACLs: PT_MLT<1–512>|monitor-dst-ports • monitor destination MLT—Configures mirroring to a destination {slot/port[-slot/port ][,...]}} MultiLink Trunking (MLT) group.
Clearing ARP information for an interface Variable definitions Use the data in the following table to use the filter acl ace action command. Table 30: Variable definitions Variable Value 1-2048 Specifies the ACL ID from 1–2048 1-2000 Specifies the ACE ID from 1–2000. monitor-dst-mlt <1–512> Configures mirroring to a destination MLT group. monitor-dst-ports {slot/port[-slot/ port ][,...]} Configures mirroring to a destination port or ports.
Software troubleshooting tool configuration using ACLI Table 31: Variable definitions Variable Value <1-4059> Specifies the VLAN ID in the range of 1 to 4059. VLAN IDs 1 to 4059 are configurable. The system reserves VLAN IDs 4060 to 4094 for internal use. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. slot/port[-slot/port][,...] Identifies the slot and port in one of the following formats: a slot and port (1/1), a range of ports (1/2-1/4), or a series ports (1/2,1/3).
Pinging an IP device Example VSP-4850GTSPWR+:1> enable VSP-4850GTSPWR+:1# configure terminal VSP-4850GTSPWR+:1(config)# interface gigabitethernet 1/1 VSP-4850GTSPWR+:1(config-if)# action flushAll VSP-4850GTSPWR+:1(config-if)# exit VSP-4850GTSPWR+:1(config)# clear ip route gigabitethernet 1/1 Variable definitions Use the data in the following table to use the clear ip route command. Table 32: Variable definitions Variable Value <1-4059> Specifies the VLAN ID in the range of 1 to 4059.
Software troubleshooting tool configuration using ACLI Procedure Ping an IP network connection: ping WORD<0–256> [-d] [-I <1–60>] [-s] [-t <1–120>] [count <1–9999>] [datasize <28-9216|28-51200>] [interface WORD<1-256>|gigabitEthernet| tunnel|vlan] [scopeid <1–9999>] [source WORD<1-256>] [vrf WORD<1–16>] Variable definitions Use the data in the following table to use the ping command. Variable Value count <1–9999> Specifies the number of times to ping (1–9999). -d Configures the ping debug mode.
Running a traceroute test Running a traceroute test Use traceroute to determine the route packets take through a network to a destination. Before you begin • You must log on to at least Privileged EXEC mode in ACLI. About this task Ping and traceroute can fail for VRF routes if you use large packet sizes for the operation.
Software troubleshooting tool configuration using ACLI Showing SNMP logs Before you begin • You must log on to the Global Configuration mode in ACLI. About this task Show the full SNMP logs. SNMP logs display the alarms and events that have been registered on the device. Procedure Show the logs: show fulltech file WORD<1-99> Variable definitions Use the data in the following table to use the show fulltech command.
Using trace to examine IS-IS control packets global | perf | ucast-fib | node | mcast-fib | isid | ip-shortcut | debug |ip6–shortcut} 2. Identify the module ID for which you want to use the trace tool: show trace modid-list 3. Clear the trace: clear trace 4. Begin the trace operation: trace level [<0-215>] [<0-4>] OR trace spbm isis level [<0-4>] OR trace cfm level [<0-4>] Note: Module ID 119 represents the IS-IS module. 5. Wait approximately 30 seconds.
Software troubleshooting tool configuration using ACLI 10. Search trace results for a specific string value: trace grep [WORD<0-128>] If you use this command and do not specify a string value, you clear the results of a previous search. 11. Stop tracing: trace shutdown 12.
Using trace to examine IS-IS control packets Table 34: Variable definitions Variable Value remove { none | tx-hello | rx-hello | tx-pkt Removes the Intermediate-System-to-Intermediate-System (IS| rx-pkt | adj | opt | tx-lsack | rx-lsack | tx- IS) trace flags for the specified option.
Software troubleshooting tool configuration using ACLI Variable Value • auth-fail — Authorization failed • config — Configuration • purge — Link State Packet purge • redist — Redistribute • tx-snp — Transmitted Sequence Number PDU (CSNP and PSNP) • rx-snp — Received Sequence Number Packet (CSNP and PSNP) • timer — Timer • spbm-decide — SPBM decide flag • global — Global flag • perf — SPBM performance • ucast-fib — Unicast Forwarding Information Base • node — Node • isid — I-SID • ip-shortcut — IP Shortcut
Using trace to examine IS-IS control packets Variable Value cfm level [<0-4>] Starts tracing by CFM. • <0-4> specifies the trace level from 0–4, where 0 is disabled; 1 is very terse; 2 is terse; 3 is very verbose, 4 is verbose. spbm isis level [<0-4>] Specifies exactly which IS-IS component to display. • <0-4> specifies the trace level from 0–4, where 0 is disabled; 1 is very terse; 2 is terse; 3 is very verbose, 4 is verbose.
Software troubleshooting tool configuration using ACLI Viewing the metric type of IS-IS route in TLVs – detailed About this task Use the following procedure to view the detailed information about metric type of IS-IS routes in TLVs in Link State Packets (LSP). Procedure 1. Display the detail view of TLV 135: show isis lsdb tlv 135 detail 2.
Viewing the metric type of IS-IS route in TLVs – summarized Viewing the metric type of IS-IS route in TLVs – summarized About this task Use the following procedure to view the summarized information about metric type of IS-IS routes in TLVs. You can also view the metric type of the prefix. Procedure Display the summarized view of TLVs 135 and 184: show isis lsdb ip-unicast Example Display the summarized view of TLVs.
Chapter 17: Software troubleshooting tool configuration using EDM Use the tools described in this section to perform troubleshooting procedures using Enterprise Device Manager (EDM). Flushing routing tables by VLAN About this task For administrative and troubleshooting purposes, sometimes you must flush the routing tables. You can use EDM to flush the routing tables by VLAN or flush them by port. Perform this procedure to flush the IP routing table for a VLAN. Procedure 1.
Configuring port mirroring Procedure 1. On the Device Physical View, select a port. 2. In the navigation tree, expand the following folders: Configuration > Edit > Port. 3. Click General. 4. Click the Interface tab. 5. In the Action section, select flushAll. In a port context, all entries associated with the port are flushed. You can flush the ARP entries and IP routes for a port. After you flush a routing table, it is not automatically repopulated.
Software troubleshooting tool configuration using EDM because tx mode port mirroring happens on the mirror source port before the source port squelching logic drops the packets at the egress port. 7. Click Insert. Port Mirrors field descriptions Use the data in the following table to use the Port Mirrors tab. Name Description Id Specifies an assigned identifier for the configured port mirroring instance. MirroredPortList Specifies a port to be mirrored (the source port).
Configuring ACLs for mirroring 3. Click the ACL tab. 4. Double-click the parameterMirrorVlanId to configure mirroring to a destination VLAN. 5. Double-click the parameterMirrorMltId to configure mirroring to a destination MLT group. 6. Double-click the parameter MirrorDstPortList to configure mirroring to a destination port or ports. ACL field descriptions Use the data in the following table to use the ACL tab. Name Description AclId Specifies a unique identifier for the ACL from 1–2048.
Software troubleshooting tool configuration using EDM Configuring ACEs for mirroring Before you begin • The ACL exists. • The ACE exists. About this task Configure actions to use filters for flow mirroring. Use an ACE to define the mirroring actions the filter performs. If you use the mirror action, ensure that you specify the mirroring destination: IP address, MLTs, ports, or VLANs. Procedure 1. In the navigation tree, expand the following folders: Configuration > Security > Data Path. 2.
Running a ping test Name Description This action is a QoS action. The ACE ID must be in the range of 1001–2000. RemarkDot1Priority Specifies the new 802.1 priority bit for matching packets: zero, one, two, three, four, five, six, or seven. This action is a QoS action. The ACE ID must be in the range of 1001–2000. The default is disable. InternalQoS This variable is a QoS action. The ACE ID must be in the range of 1001–2000. The default value is 1.
Software troubleshooting tool configuration using EDM 5. In the OwnerIndex box, type the owner index. 6. In the TestName box, type the name of the test. 7. In the TargetAddress box, type the host IP address. 8. From the AdminStatus options, select enabled. 9. In the remainder of the option boxes, type the desired values. 10. Click Insert. 11. Select and entry, and then click Start. Let the test run for several seconds. 12. Select an entry, and then click Stop. 13. View the Ping results.
Viewing ping results Name Description TrapGeneration Specifies when to generate a notification. The options are: • ProbeFailure—Generates a PingProbeFailed notification subject to the value of TrapProbeFailureFilter. The object TrapProbeFailureFilter can specify the number of successive probe failures that are required before a pingProbeFailed notification is generated. • TestFailure—Generates a PingTestFailed notification.
Software troubleshooting tool configuration using EDM Ping Result field descriptions Use the data in the following table to use the Ping Result tab. Name Description OwnerIndex Specifies the ping test owner. TestName Specifies the test name. OperStatus Indicates the operational status of the test. The default is disabled. IpTargetAddressType Specifies the IP address type of the target. The default is unknown. IpTargetAddress Specifies the IP address of the target.
Running a traceroute test Ping Probe History field descriptions Use the data in the following table to use the Ping Probe History tab. Name Description OwnerIndex Specifies the owner index TestName Indicates the name given to the test. Index Specifies the index number. Response Indicates the amount of time, measured in milliseconds, between request (probe) and response, or when the request timed out. Response is reported as 0 when it is not possible to transmit a probe.
Software troubleshooting tool configuration using EDM Let the test run for several seconds. 8. Select an entry, and then click Stop. 9. View the traceroute test results. Trace Route Control field descriptions Use the data in the following table to use the Trace Route Control tab. Name Description OwnerIndex Provides access control by a security administrator using the VACM for tables in which multiple users need to independently create or modify entries.
Viewing traceroute results Name Description MiscOptions Enables an application to specify implementation-dependent options. MaxFailures Indicates the maximum number of consecutive timeouts allowed before terminating a remote traceroute request. The default is 5. DontFragment Enables setting of the do not fragment (DF) flag in the IP header for a probe. The default is disabled. InitialTtl Specifies the initial time-to-live (TTL) value to use. The default is 1.
Software troubleshooting tool configuration using EDM Procedure 1. From the navigation tree, expand the following folders: Configuration > Edit > Diagnostics. 2. Click Ping/Trace Route. 3. Click the Trace Route Control tab. 4. Select a traceroute entry. 5. Click Trace Route Result. Trace Route Result field descriptions Use the data in the following table to use the Trace Route Result tab. Name Description OwnerIndex Specifies the index of the owner. TestName Specifies the name of the test.
Viewing the traceroute history 2. Click Ping/Trace Route. 3. Click the Trace Route Control tab. 4. Select an entry. 5. Click Trace Route Probe History. Route Probe History field descriptions Use the data in the following table to use the Trace Route Probe History tab. Name Description OwnerIndex Identifies the Trace Route entry to which a probe result belongs. TestName Specifies the test name. Index Specifies the Index.
Chapter 18: Layer 1 troubleshooting Use this section to help you troubleshoot Layer 1 (physical layer) problems. Troubleshooting fiber optic links About this task You can troubleshoot fiber optic links to ensure that the optical transmitters and receivers operate correctly, and to determine if a receiver is saturated, or does not receive enough power. To troubleshoot optical links and devices, you can use Digital Diagnostic Monitoring (DDM), as well as published optical specifications.
Troubleshooting fiber optic links • For long fiber links, the transmit and received power are similar (after taking into consideration connection losses and fiber attenuation). Large differences can mean a damaged fiber or dirty or faulty connectors. Large differences can also mean that the link does not use the right type of fiber (single mode or multimode).
Chapter 19: Operations and Management CFM fundamentals The Shortest Path Bridging MAC (SPBM) network needs a mechanism to debug connectivity issues and to isolate faults. This is performed at Layer 2, not Layer 3. Connectivity Fault Management (CFM) operates at Layer 2 and provides an equivalent of ping and traceroute. To support troubleshooting of the SPBM cloud, the Avaya Virtual Services Platform switch supports a subset of CFM functionality. Configure CFM on all SPBM VLANs.
CFM fundamentals Autogenerated CFM and explicitly configured CFM The Avaya Virtual Services Platform switch simplifies CFM configuration with autogenerated CFM. With autogenerated CFM, you use the commands cfm spbm enable and cfm cmac enable and the switch creates default MD, MA, MEPs, and MIPs for SPBM B-VLANs and C-VLANs respectively. If you choose to configure CFM explicitly, you must configure an MD, MA, MEPs, and MIPs.
Operations and Management Using CFM For SPBM B-VLANs, the autogenerated MEPs and MIPs respond to l2 ping, l2 traceroute, and l2 tracetree in the same manner as the MEPs and MIPs created explicitly. For C-VLANs, the autogenerated MEPs and MIPs respond to l2 ping and l2 traceroute, but not to l2 tracetree because no multicast trees exist on C-VLANs. The CFM show commands that display MD, MA, and MEP information work for both autogenerated and explicitly configured CFM MEPs.
CFM fundamentals Figure 1: MD level assignment Maintenance association endpoints (MEP) A Maintenance Endpoint (MEP) represents a managed CFM entity, associated with a specific Domain Service Access Point (DoSAP) of a service instance, which can generate and receive CFM Protocol Data Units (PDU) and track any responses. A MEP is created by MEP ID under the context of an MA.
Operations and Management Fault detection and notification are achieved through the use of Continuity Check Messages (CCM). CCM messages are not supported in the current release. Fault verification Fault verification is achieved through the use of Loopback Messages (LBM). An LBM is a unicast message triggered by the operator issuing an operational command. LBM can be addressed to either a MEP or Maintenance Intermediate Point (MIP) but only a MEP can initiate an LBM.
CFM fundamentals Fault isolation Fault isolation is achieved through the use of Linktrace Messages (LTM). LTM is intercepted by all the MPs on the way to the destination MP. Avaya Virtual Services Platform 8000 Series supports two types of LTM. The first type, the unicast LTM, can be addressed to either MEP or MIP MAC address. Each MP on the way decrements the TTL field in the LTM frame, sends Linktrace Reply (LTR), and forwards the original LTM to the destination.
Operations and Management • A MEP that is not the target but is on the path to the target - Generates a reply as described above. - It also sets one of the flags fields in the reply to indicate that it is the terminal MEP. Link trace message — multicast The multicast link trace message (LTM) can be used to trace the multicast tree from any node on any I- SID using the nickname MAC address and the I-SID multicast address.
CFM fundamentals Destination addresses for C-VLAN l2 traceroute and linktrace messages For C-VLANs, CFM uses the following destination MAC addresses for the corresponding maintenance domain (MD) levels for l2 traceroute and linktrace messages. The Avaya Virtual Services Platform switch supports both l2 traceroute and linktrace for C-VLANs, but Avaya prefers you use l2 traceroute.
Operations and Management Layer 2 tracemroute The l2tracemroute command is a proprietary command that allows the user to trace the multicast tree for a certain multicast flow. The user specifies source, group, and service context (either VLAN or VRF) for the multicast flow to trace. CFM sends a multicast LTM using an internal calculation to map the source, group, and context to the corresponding target address. The LTR comes from all leaves of the multicast tree for that flow, as well as transit nodes.
CFM fundamentals The Nodal MEP and MIP are expanded to respond to both the Nodal MAC address as well as the Virtual SMLT MAC address if both MACs are being advertised on its B-VLAN. In addition a source mode is added to the LTM and LBM command to use either the Nodal MAC or the SMLT virtual MAC address as the source MAC in the packet. Configuration considerations When you configure CFM, be aware of the following configuration considerations.
Operations and Management addresses in a backbone MAC (B-MAC) address pair. MAC-in-MAC encapsulation defines a B-MAC destination address (BMAC-DA) and a B-MAC source address (BMAC-SA). In SPBM, each node populates its forwarding database (FDB) with the B-MAC information derived from the IS-IS shortest path tree calculations. Typically the SPBM Backbone Core Bridges (BCBs) in the SPBM cloud only learn the B-MAC addresses.
CFM configuration using ACLI • Simplified: In the simplified way of configuring CFM, you can use the simplified command cfm spbm enable which automatically creates the MD, MA, MEP and associates it with the BVLAN and the MIP level with the B-VLAN. Autogenerated CFM CFM provides two methods for configuration; autogenerated and explicit. You cannot use both. You must choose one or the other.
Operations and Management Important: CFM supports one MEP or MIP for each SPBM B-VLAN only. This means that if you want to use these autogenerated MEPs, you cannot use your existing CFM configuration. You must first remove the existing MEP or MIP on the SPBM B-VLAN. If you want to continue configuring MEPs manually, skip this procedure. Procedure 1. Enter Global Configuration mode: enable configure terminal 2.
CFM configuration using ACLI ====================================== 6 enable 4 00:15:e8:b8:a3:df Variable definitions Use the data in the following table to use the cfm spbm command. Variable Value level<0-7> Specifies the global SPBM CFM maintenance level for the chassis within the range of 0 to 7. The default is 4. Only configure global CFM at one MD level for each chassis for each VLAN type. mepid<1-8191> Specifies the global MEP ID within the range of 1– 8191.
Operations and Management level attribute. The autogenerated CFM commands also create an MA for each C-VLAN, a MEP for each C-VLAN, associate the MEP with the corresponding C-VLAN, and a MIP with the C-VLAN. All the MEPs that the device creates use the MEP ID configured under the global context, which has a default value of 1. The device automatically associates the MEPs with the C-VLANs configured. The MIP level maps to the global level.
CFM configuration using ACLI ====================================== 0 enable 4 00:15:e8:b8:a3:de Variable definitions Use the data in the following table for the cfm cmac command. Variable Value level<0-7> Specifies the global C-MAC CFM maintenance level for the chassis within the range of 0 to 7. The default is 4. Only configure global CFM at one MD level for each chassis for each VLAN type. mepid<1-8191> Specifies the global MEP ID within the range of 1– 8191.
Operations and Management Configuring CFM MD Use this procedure to configure the Connectivity Fault Management (CFM) Maintenance Domain (MD). An MD is the part of a network that is controlled by a single administrator. A single MD can contain several Maintenance Associations (MA). Procedure 1. Log on to Global Configuration mode: enable configure terminal 2. Create the CFM MD: cfm maintenance-domain WORD<0–22> [index <1–2147483647>] [maintenance-level <0–7>] [level <0–7>] 3.
CFM configuration using ACLI Variable Value WORD<0–22> Specifies the maintenance domain name. index <1–2147483647> Specifies a maintenance domain entry index. maintenance-level <0–7> Specifies the MD maintenance level when creating the MD. The default is 4. level <0–7> Modifies the MD maintenance level for an existing MD. The default is 4. Configuring CFM MA Use this procedure to configure the CFM Maintenance Association (MA).
Operations and Management ================================================================================ Domain Name Assn Name -------------------------------------------------------------------------------md1 ma1 Total number of MA entries: 1. Variable definitions Use the data in the following table to use the cfm maintenance-association command. Variable Value WORD<0–22> WORD<0–22> Creates the CFM MA. The first parameter, specifies the MD name. The second parameter, specifies the MA name.
CFM configuration using ACLI VSP-4850GTS> show cfm maintenance-endpoint ================================================================================ Maintenance Endpoint Config ================================================================================ DOMAIN ASSOCIATION MEP ADMIN NAME NAME ID -------------------------------------------------------------------------------md1 ma1 1 enable Total number of MEP entries: 1.
Operations and Management 2. Display the nodal MEP configuration: show vlan nodal-mep <1-4059> 3. Remove the nodal MEPs from the B-VLAN: no vlan nodal-mep <1-4059> WORD<0–22> WORD<0–22> <1–8191> 4. Add nodal MIP level to the B-VLAN: vlan nodal-mip-level <1-4059> WORD<0–15> 5. Display the nodal MIP level configuration: show vlan nodal-mip-level [<1-4059>] 6.
CFM configuration using ACLI Variable Value <1-4059> Specifies the VLAN ID in the range of 1 to 4059. VLAN IDs 1 to 4059 are configurable. The system reserves VLAN IDs 4060 to 4094 for internal use. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. WORD<0–22> The first parameter, specifies the Maintenance Domain name. WORD<0–22> The second parameter, specifies the Maintenance Association name. <1–8191> Specifies the nodal MEPs to add to the VLAN.
Operations and Management Example Switch:1(config)# cfm spbm level 7 Switch:1(config)# cfm spbm mepid 12 Switch:1(config)# cfm spbm enable Variable definitions Use the data in the following table to use the simplified CFM commands. Variable Value spbm level <0–7> Configures the maintenance level for every CFM SPBM MEP and MIP level on all SPBM B-VLANs. The default is 4. mepid <1–8191> Assigns a global MEP ID for all CFM SPBM MEPs. The default is 1.
CFM configuration using ACLI 816 916 1000 1001 4 4 Configuring simplified CFM SPBM Use this procedure to configure CFM for the Shortest Path Bridging Mac (SPBM) VLANs on Virtual Services Platform 4000. This is a simplified command which automatically creates the MD, MA, MEP and associates it with the B-VLAN and the MIP level with the B-VLAN. Procedure 1. Log on to Global Configuration mode: enable configure terminal 2. Enable CFM for SPBM VLANs: cfm spbm enable 3.
Operations and Management VSP-4850GTS> show cfm spbm ======================================================================== Cfm Spbm ======================================================================== LEVEL ADMIN MEP ID MAC -----------------------------------------------------------------------4 enable 1 00:00:00:00:00:00 Variable definitions Use the data in the following table to use cfm spbm command. Variable Value enable Enables CFM for SPBM VLANs.
CFM configuration using ACLI Variable definitions Use the data in the following table to use the loopback command. Variable Value WORD<0–22> The first parameter, specifies the MD name. WORD<0–22> The second parameter, specifies the MA name. <1–8191> Specifies the MEP ID. <0x00:0x00:0x00:0x00:0x00:0x00> Specifies the remote MAC address to reach the MEP/MIP. burst-count <1–200> Specifies the burst-count. data-tlv-size <0–400> Specifies the data TLV size.
Operations and Management address of an MP, which is the SPBM system ID or the virtual SMLT MAC. MPs on the path to the target address respond with an LTR. Before you begin • You must have a MEP that is associated with a VLAN.
CFM configuration using ACLI Triggering a Layer 2 ping Use this procedure to trigger a Layer 2 ping inside an SPBM cloud or network, which acts like native ping. This feature enables CFM to debug Layer 2. It can also help you debug IP shortcuts and the record for the shortcuts’ ARP. Before you begin • You must have a MEP that is associated with a VLAN.
Operations and Management Variable Value {vlan <1-4059> routernodename WORD<0–255>} Specifies the destination for the L2 ping: • <1-4059> — (vlan <1-4059> mac <0x00:0x00:0x00:0x00:0x00:0x00>} Specifies the VLAN ID in the range of 1 to 4059. VLAN IDs 1 to 4059 are configurable. The system reserves VLAN IDs 4060 to 4094 for internal use. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. {ip-address WORD<0–255>} • WORD<0–255> — Specifies the Router node name.
CFM configuration using ACLI IS to get from one MEP to another, by showing all the hops between. Therefore, it can show where connectivity is lost. It can also work for IP shortcuts. Important: To trace a route to a MAC address, the MAC address must be in the VLAN FDB table. • For B-VLANs, you do not have to trigger an l2ping to learn the MAC address because ISIS populates the MAC addresses in the FDB table. linktrace traces the path up to the closest device to that MAC address that supports CFM.
Operations and Management Variable {ip-address WORD<0–255>} Value 4060 to 4094 for internal use. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. • WORD<0–255> — Specifies the Router Node Name • — Specifies the MAC address • WORD<0–255> — Specifies the IP address ttl-value<1–255> Specifies the TTL value. The default is 64. priority <0–7> Specifies the priority. The default is 7.
CFM configuration using ACLI Example VSP-4850GTS# l2 tracetree 500 1 VSP-4850GTS# l2 tracetree 500 1 Please wait for l2tracetree to complete or press any key to abort l2tracetree to 53:55:10:00:00:01, vlan 500 i-sid 1 nickname 5.55.10 hops 64 1 VSP-PETER4 00:15:9b:11:33:df -> VSP-MONTI0 00:14:0d:a2:b3:df 2 VSP-MONTI0 00:14:0d:a2:b3:df -> VSP-LEE2 00:15:e8:b8:a3:df Variable definitions Use the data in the following table to use the l2 tracetree command.
Operations and Management Before you begin • On the source and destination nodes, you must configure an autogenerated or an explicit CFM MD, MA, and MEP. • Enable the MEP. • Assign a nodal MEP to the B-VLAN. Procedure 1. Log on to the switch to enter User EXEC mode. 2. Trigger a Layer 2 tracemroute on the VLAN: l2 tracemroute source group
CFM configuration using ACLI The following is a sample output for a Layer 2 tracemroute on a VRF: Switch:1>enable Switch:1#configure terminal Switch:1(config)#l2 tracemroute source 192.0.2.10 group 233.252.0.1 vrf red Please wait for l2 tracemroute to complete or press any key to abort. Source 192.0.2.10 Group: 233.252.0.
Operations and Management The following table describes the fields in the output for l2 tracemroute command for a VRF. Parameter Description Source Specifies the source IP address of the flow where the multicast trace tree originates. Group Specifies the IP address of the multicast group. VRF Specifies the VRF. BMAC Specifies the backbone MAC address. B-VLAN Specifies the backbone VLAN. I-SID Specifies the service identifier.
CFM configuration using ACLI 4. Stop tracing: trace shutdown 5. View the trace results: show trace cfm 6. Begin the trace operation for the CFM module: trace level 120 <0–4> Wait approximately 30 seconds, and then stop trace. 7. View trace results: trace screen enable Important: If you use trace level 3 (verbose) or trace level 4 (very verbose), Avaya recommends you do not use the screen to view commands, due to the volume of information the system generates and the effect on the system. 8.
Operations and Management Variable Value cfm level [<0-4>] Starts the trace by specifying the level. • <0–4> specifies the trace level from 0–4, where 0 is disabled; 1 is very terse; 2 is terse; 3 is verbose, 4 is very verbose. filter Configures a filter trace for a file or module. flags Configures trace flags for IS-IS or OSPF. grep [WORD<0-128>] Searches trace results for a specific string value, for example, the word error. Performs a comparison of trace messages.
CFM configuration using ACLI Using trace SPBM to diagnose problems Use the following procedure to display trace information for SPBM IS-IS. In the case of IS-IS, this procedure also provides information related to the flags set. About this task Use the trace level 119 <0–4> command to trace IS-IS module information, including ACLI, instrumentation, show config and platform dependent code. The IS-IS module ID is 119.
Operations and Management Wait approximately 30 seconds, and then stop trace. 8. View trace results: trace screen enable Important: If you use trace level 3 (verbose) or trace level 4 (very verbose), Avaya recommends you do not use the screen to view commands due to the volume of information the system generates and the effect on the system. 9. Save the trace file to the Compact Flash card for retrieval. save trace [file WORD<1–99>] If you do not specify a file name, the file name is systrace.txt.
CFM configuration using EDM Variable Value flags Configure trace flags for IS-IS or OSPF. grep [WORD<0-128>] Searches trace results for a specific string value, for example, the word error. Performs a comparison of trace messages. level <0–234>[<0-4>] Starts the trace by specifying the module ID and level. • <0–234> specifies the module ID. • <0-4> specifies the trace level from 0–4, where 0 is disabled; 1 is very terse; 2 is terse; 3 is verbose, 4 is very verbose.
Operations and Management Note: When you enable CFM in an SPBM network, Avaya recommends that you enable CFM on the Backbone Edge Bridges (BEB) and on all Backbone Core Bridges (BCB). If you do not enable CFM on a particular node, you cannot obtain CFM debug information from that node. Autogenerated CFM CFM provides two methods for creating MEPs: autogenerated and explicit. You cannot use both. You must choose one or the other.
CFM configuration using EDM remove the existing MEP or MIP on the SPBM B-VLAN. If you want to continue configuring MEPs manually, skip this procedure. Procedure 1. From the navigation tree, expand the following folders: Configuration > Edit > Diagnostics. 2. Click CFM. 3. Click the Global tab. 4. Select enable next to SpbmAdminState. 5. Click Apply. 6. To verify the values assigned to MA, MD, and MEP, perform the following steps: a. Click the MD tab. b. Select SPBM, and then check the MA and MEP values.
Operations and Management Name Description This field appears only for VSP 4000 Series. Bmac Displays the B-MAC address of the node. This field appears only for VSP 4000 Series. Cmac Displays the C-MAC address of the node. This field appears only for VSP 4000 Series. Configuring autogenerated CFM on C-VLANs This procedure applies only to VSP 4000 Series. Use this procedure to configure the autogenerated CFM MEP and MIP level for every C-VLAN on the chassis.
CFM configuration using EDM Name Description SpbmAdminState Enables or disables autogenerated CFM for BVLANs. The default is disable. SpbmLevel Specifies the global SPBM CFM maintenance level for the chassis within the range of 0 to 7. The default is 4. Only configure global CFM at one MD level for each chassis for each VLAN type. SpbmMepId Specifies the global MEP ID within the range of 1 to 8191. Select a unique ID for each switch to ensure that the MEPs are unique across the network.
Operations and Management Configuring CFM MD Use this procedure to configure a Connectivity Fault Management (CFM) Maintenance Domain (MD). An MD is the part of a network that is controlled by a single administrator. A single MD can contain several Maintenance Associations (MA). Procedure 1. From the navigation tree, expand the following folders: Configuration > Edit > Diagnostics. 2. Click CFM. 3. Click the MD tab. 4. Click Insert. 5.
CFM configuration using EDM 5. In the MA tab, click Insert. 6. In the fields provided, specify an index value and name for the MA. 7. Click Insert. MA field descriptions Use the data in the following table to use the MA tab. Name Description DomainIndex Specifies the maintenance domain entry index. AssociationIndex Specifies a maintenance association entry index. DomainName Specifies the MD name. AssociationName Specifies the MA name.
Operations and Management Name Description AssociationName Specifies the MA name. AdminState Specifies the administrative state of the MEP. The default is disable. MepType Specifies the MEP type: • trunk • sg • endpt • vlan • port • endptClient • nodal • remotetrunk • remotesg • remoteendpt • remoteVlan • remotePort • remoteEndptClient ServiceDescription Specifies the service to which this MEP is assigned.
CFM configuration using EDM 5. Click Nodal. 6. In the NodalMepList field, specify the nodal MEPs to add to the VLAN. 7. Click Apply. Nodal MEP/MIP field descriptions Use the data in the following table to use the Nodal MEP/MIP tab. Name Description NodalMepList Specifies the nodal MEPs to add to the VLAN, in the format , for example md10.ma20.30. NumOfNodalMep Indicates the number of nodal MEPs assigned to this VLAN. NodalMipLevelList Specifies a MIP level list.
Operations and Management L2Ping field descriptions Use the data in the following table to use the L2Ping tab. Name Description VlanId Identifies the backbone VLAN. DestMacAddress Specifies the target MAC address. HostName Specifies the target host name. DestIsHostName Indicates whether the host name is (true) or is not (false) used for L2Ping transmission. Messages Specifies the number of L2Ping messages to be transmitted. The default is 1.
CFM configuration using EDM Name Description • pseudoRandomBitSequenceCrc: pseudo-randombit-sequence with cyclic redundancy check with 32bit polynomial. A cyclic redundancy check is a code that detects errors. The default value is allZero. DataSize Specifies an arbitrary amount of data to be included in the data TLV, if the data size is selected to be sent. The default is 0. FrameSize Specifies the frame size.
Operations and Management Important: To trace a route to a MAC address, the MAC address must be in the VLAN FDB table. For B-VLANs, you do not have to trigger an L2Ping to learn the MAC address because IS-IS populates the MAC addresses in the FDB table. Linktrace traces the path up to the closest device to that MAC address that supports CFM. Before you begin • On the source and destination nodes, you must configure a CFM MD, MA, and MEP, and assign a nodal MEP to the B-VLAN. Procedure 1.
CFM configuration using EDM Name Description Status Indicates the status of the transmit loopback service: • ready: the service is available. • transmit: the service is transmitting, or about to transmit, the L2Trace messages. • abort: the service aborted or is about to abort the L2Trace messages. This field is also used to avoid concurrency or race condition problems that can occur if two or more management entities try to use the service at the same time. The default is ready.
Operations and Management Name Description • internalError (2): L2Trace internal error • invalidMac (3): Invalid MAC address • mepDisabled (4): MEP must be enabled in order to perform L2Trace • noL2TraceResponse (5): No L2Trace response received • l2TraceToOwnMepMac (6): L2Trace to own MEP MAC is not sent • l2TraceComplete (7): L2Trace completed • l2TraceLookupFailure (8): Lookup failure for L2Trace • l2TraceLeafNode (9): On a leaf node in the I-SID tree • l2TraceNotInTree (10): Not in the I-SID tree • l2
CFM configuration using EDM L2 Traceroute/Tracetree Result field descriptions Use the data in the following table to use the L2 Traceroute/Tracetree Result tab. Name Description VlanId A value that uniquely identifies the Backbone VLAN (B-VLAN). SeqNumber The transaction identifier/sequence number returned by a previous transmit linktrace message command, indicating which L2Trace's response of the L2Trace is going to be returned. The default is 0. Hop The number of hops away from L2Trace initiator.
Operations and Management Procedure 1. In the navigation tree, expand the following folders: Configuration > Edit > Diagnostics. 2. Click L2Ping/L2Trace Route. 3. Click the L2 IP Ping tab. 4. To add a new entry, click Insert, specify the destination IP address and optional parameters, and then click Insert. 5. To start the Layer 2 IP ping, highlight an entry, and then click Start. 6. To update the Layer 2 IP ping, click the Refresh button. 7. To stop the Layer 2 IP ping, click Stop.
CFM configuration using EDM Name Description TimeoutInt Specifies the interval to wait for an L2IpPing time-out with a range of 1–10 seconds with a default value of 3 seconds.
Operations and Management L2 IP Ping Result field descriptions Use the data in the following table to use the L2 IP Ping Result tab. Name Description IpAddrType The address type of the destination IP Address. IpAddr Destination IP Address. SendOrder Specifies the order that sessions were sent. It is an index to distinguish among multiple L2Ping sessions. This value is assigned sequentially from 1. It correlates to the number of paths found. VrfId Specifies the VRF ID.
CFM configuration using EDM Note: In the current release, troubleshooting using ping and traceroute (including Layer 2 ping and Layer 2 traceroute) is not supported on EDM. For more information, see Release Notes for VSP Operating System Software, NN47227-401. As an alternative, use the ACLI.
Operations and Management Name Description • transmit: the service is transmitting, or about to transmit, the L2Trace messages. • abort: the service is aborted or about to abort the L2Trace messages. This field is also used to avoid concurrency or race condition problems that could occur if two or more management entities try to use the service at the same time. The default is ready. ResultOk Indicates the result of the operation: • true: the Trace Messages will be or have been sent. • false.
CFM configuration using EDM Name Description IpAddr Specifies the destination IP address. SendOrder Denotes the order that sessions are sent. It is an index to distinguish among multiple L2Trace sessions. It correlates to the number of paths found. This value is assigned sequentially from 1. Hop Specifies the number of L2 hops away from L2Trace initiator. ReceiveOrder Specifies the order that sessions are sent.
Operations and Management Name Description • l2TraceLookupFailure (8): Lookup failure for L2Trace Triggering a loopback test Use this procedure to trigger a loopback test. The LBM packet is often compared to ping. An MEP transmits the loopback message to an intermediate or endpoint within a domain for the purpose of fault verification. This can be used to check the ability of the network to forward different sized frames.
CFM configuration using EDM Name Description Messages Specifies the number of loopback messages to be transmitted. The default is 1. VlanPriority Specifies the priority. The default is 7. SeqNumber Specifies the transaction identifier/sequence number of the first loopback message (to be) sent. The default is 0. ResultOk Indicates the result of the operation: • true: The Loopback Messages will be (or have been) sent. • false: The Loopback Messages will not be sent. The default is true.
Operations and Management Name Description FrameSize Specifies the frame-size. The default is 0. Sourcemode Specifies the source mode of the transmit loopback service: • nodal • noVlanMac — Use this value with C-VLAN only. When you select this option, even if a VLAN MAC address exists, the system uses the CFM C-MAC as the BMAC-SA. • smltVirtual — Use the smltVirtual option with BVLANs only. The default is nodal. Triggering linktrace Use the following procedure to trigger a linktrace.
CFM configuration using EDM LTM field descriptions Use the data in the following table to use the LTM tab. Name Description DomainIndex Specifies the MD index value. AssociationIndex Specifies the MA index value. Index Specifies the MEP index value. DomainName Specifies the MD name. AssociationName Specifies the MA name. VlanPriority Specifies the VLAN priority, a 3–bit value to be used in the VLAN tag, if present in the transmitted frame. The default is 7.
Operations and Management Name Description • 2 - LTM internal error • 3 - Unknown Remote Maintenance Endpoint • 4 - Invalid Remote Maintenance Endpoint MAC Address • 5 - Unset Remote Maintenance Endpoint MAC address • 6 - MEP must be enabled in order to perform LTM • 7 - No LTR response received • 8 - Linktrace to own MEP MAC is not sent • 9 - Endpoint must be enabled in order to perform LTM • 10 - Pbt-trunk must be enabled in order to perform LTM • 11 - LTM completed • 12 - LTM leaf node SourceMode Spe
CFM configuration using EDM Link Trace Replies field descriptions Use the data in the following table to use the Link Trace Result tab. Name Description DomainIndex Indicates the Maintenance Domain Index. AssociationIndex Indicates the Maintenance Association Index. MepId Indicates the Maintenance EndPoint ID. SeqNumber Indicates the transaction identifier/sequence number returned by a previous transmit linktrace message command, indicating which LTM response is going to be returned.
Operations and Management Name Description SrcMac Displays the MAC address of the MP that responded to the LTM request for this LTR. IngressAction Displays the value returned in the IngressAction Field of the LTM. The value ingNoTlv indicates that no Reply Ingress TLV was returned in the LTM. IngressMac Displays the MAC address returned in the ingress MAC address field. If the rcCfmLtrReplyIngress object contains the value ingNoTlv(5), then the contents of this field are meaningless.
CFM configuration using EDM 3. From the L2 Traceroute/TraceTree tab, configure the Layer 2 tracetree properties. 4. In the IsTraceTree field double-click and select true for EDM to perform Tracetree on the multicast tree. 5. Click Apply. 6. Click the Refresh button to update the results. L2Tracetree field descriptions Use the data in the following table to use the L2Tracetree tab. Name Description VlanId Identifies the Backbone VLAN.
Operations and Management Name Description Ttl Specifies the Time-to-Live value. Indicates the number of hops remaining to this L2Tracetree. The tracetree is decremented by one by each bridge that handles the Layer 2 tracetree and the decremented value is returned to the tracetree. If the output is 0, then the L2Tracetree is not transmitted to the next hop. The value of the TTL field in the L2Tracetree is transmitted by the originating MEP is controlled by a managed object. The default is 64.
CFM configuration using EDM Viewing Layer 2 tracetree results Use this procedure to view Layer 2 Tracetree results. The Layer 2 Tracetree command is a proprietary command that allows a user to trigger a multicast LTM message by specifying the BVLAN and I-SID. This command allows the user to view a multicast tree on the SPBM B-VLAN from the source node to the destination nodes for a particular I-SID.
Operations and Management Name Description SrcMac MAC address of the MP that responds to the L2Tracetree request for this L2tractreeReply. HostName The host name of the replying node. LastSrcMac The MAC address of the node that forwarded the L2Tracetree to the responding node. LastHostName The host name of the node that forwarded the L2Tracetree to the responding node.
CFM configuration using EDM 9. Enter the Ttl value. 10. Click Insert. 11. Click Apply to save your changes. 12. To start the Layer 2 tracemoute, set the Status to transmit and click Start. 13. Update the Layer 2 tracemroute by clicking Refresh . 14. To stop the Layer 2 tracemroute, click Stop . 15. To see the result, click Result. L2 MCAST Traceroute field descriptions Use the data in the following table to use the L2MCAST Traceroute tab.
Operations and Management Name Description Flag Specifies the result flag indicating that the L2 trace status or error code. Each value represents a status or error case. • 1 — No error • 2 — Internal Error • 3 — Mep must be enabled to perform the trace • 4 — No response received • 5 — Trace completed • 6 — On a leaf node in the I-SID tree • 7 — No data I-SID was found for S, G Configuring Layer 2 tracemroute on a VRF Use this procedure to configure the Layer 2 tracemroute on the VRF (Layer 3).
CFM configuration using EDM 8. Enter the ServiceType. If you want to perform a Layer 2 tracemroute on a Layer 2 VRF, select vlan. If you want to perform a Layer 2 tracemroute on a Layer 3 VRF, select vrfid. 9. In the ServiceId, enter the VLAN ID. 10. Enter the Priority. 11. Enter the Ttl value. 12. Click Insert. 13. Click Apply to save your changes. 14. To start the Layer 2 tracemoute, set the Status to transmit and click Start. 15. Update the Layer 2 tracemroute by clicking Refresh . 16.
Operations and Management Name Description ResultOK Specifies the result of the operation: • true: The trace messages will be or have been sent. • false: The trace messages will not be sent. Flag Specifies the result flag indicating that the L2 trace status or error code. Each value represents a status or error case.
CFM configuration example Name Description Hop Specifies the number of hops away from the l2 tracemroute initiator. ReceiveOrder Specifies an index to distinguish among multiple l2 tracemroute responses with the same transaction identifier field value. This value is assigned sequentially from 1, in the order that the linktrace initiator received the responses. Ttl Specifies the TTL value for a returned l2 tracemroute response.
Operations and Management VSP4000 B MAINTENANCE-DOMAIN CONFIGURATION cfm maintenance-domain spbm index 1 maintenance-level 6 MAINTENANCE-ASSOCIATION CONFIGURATION cfm maintenance-association "spbm" "2" index 1 cfm maintenance-association "spbm" "3" index 2 MAINTENANCE-ENDPOINT CONFIGUARTION cfm maintenance-endpoint "spbm" "2" 2 state enable cfm maintenance-endpoint "spbm" "3" 2 state enable VLAN NODAL MEP/MIP CONFIGURATION vlan vlan vlan vlan nodal-mep 2 spbm 2 2 nodal-mip-level 2 6 nodal-mep 3 spbm 3 2 n
CFM configuration example Please wait for l2ping to complete or press any key to abort ----00:14:0d:a2:b3:df L2 PING Statistics---- 0(68) bytes of data 1 packets transmitted, 1 packets received, 0.00% packet loss round-trip (us) min/max/ave/stdv = 26895/26895/26895.00/ 0.
Operations and Management md1 99 3 NONE Total number of Maintenance Domain entries: 1.
CFM configuration example 10 11 12 13 14 show vlan nodal-mip-level VSP-4850GTS#show vlan nodal-mip-level ================================================================================ Vlan Nodal Mip Level ================================================================================ VLAN_ID NODAL_MIP_LEVEL_LIST -------------------------------------------------------------------------------1 2 3 4 6 5 6 7 8 9 10 11 12 13 14 January 2017 Troubleshooting Comments on this document? infodev@avaya.
Chapter 20: Upper layer troubleshooting This section describes troubleshooting for Layer 4 to 7 applications. Troubleshooting SNMP About this task Troubleshoot Simple Network Management Protocol (SNMP) if the network management station (NMS) does not receive traps. Verify the management configurations for the management station. Also verify the management station setup.
Troubleshooting DHCP 6. If you cannot reach the device using SNMP, access the console port, and then ensure that the SNMP community strings and traps are correct. 7. Use sniffer traces to verify that the switch receives the poll. 8. Use sniffer traces to verify that the NMS receives the response. 9. Verify that the data in the response is the data that was requested.
Upper layer troubleshooting Troubleshooting DHCP Relay Before you begin • Configure the server to reply to the client subnet. Check the server configuration file to verify the configuration. • Configure a route on the server for the client subnet to create a path on which to send replies. About this task Perform this procedure to troubleshoot the DHCP relay agent. Procedure 1. Verify that the interfaces that link the client and server are up, and that the ports are in the forwarding state. a.
Troubleshooting DHCP Relay trace level 170 3 Example VSP-4850GTS-PWR+:1# ping 47.16.10.
Upper layer troubleshooting Troubleshooting client connection to the DHCP server About this task Perform this procedure if the client cannot reach the DHCP server. Procedure 1. Check that the DHCP relay agent in the network switch is correctly configured. 2. Check that the DHCP server configuration is correct. 3. Check for routing issues. The routing in the network may not be configured so that DHCP request and reply packets are propagated. You can use ping and traceroute. 4.
IPv6 DHCP Relay server side troubleshooting show ipv6 global 5. Verify that the IPv6 based VLAN where the DHCP relay agent is configured is enabled: show ipv6 interface vlan <1-4059> 6. In a scenario with VRRP and SMLT, configure VRRP IP as the DHCP relay agent. 7. When using the VRRP VRID as the relay agent, make sure the VRRP configurations are proper. 8.
Upper layer troubleshooting Example 1: if you receive the message 0x00108796 (relayMsgSend): cannot find route entry for destination on the console, you must ping the server. If the server is not reachable, the system cannot forward the packet. This is not a DHCP issue. Example 2: if you receive the message 0x00108705 this indicates a problem at the transmission level. Check the server reachability and ensure that MAC learning is correct before you pursue DHCP issues.
Troubleshooting IPv6 VRRP Troubleshooting IPv6 VRRP The following sections describe troubleshooting information for IPv6 Virtual Router Redundancy Protocol (VRRP). VRRP transitions When a VRRP transition takes place with the backup taking over as the master, look for the following message in the syslog on the new master, as well as the old master. This message provides information to allow you to determine the cause of the transition.
Upper layer troubleshooting Cause value Cause definition 2 Higher priority advertisement received 3 Shutdown received 4 VRRP address and physical address match 5 Master down interval 6 Preemption 7 Critical IP goes down 8 User disabling VRRP 9 VRRP status synced from primary 10 IPv6 interface on which VRRP is configured goes down 11 Lower priority advertisement received 12 Advertisement received from higher interface IP address with equal priority 13 Advertisement received from low
Risks associated with enabling trace messages 4. When VRRP is enabled on two routing switches, the master-backup relationship forms with one router taking the responsibility of routing. If the master-backup relationship is not formed between the VRRP virtual routers, look for the following trace messages to ensure that the master is sending the advertisements correctly and the backup is processing them. On the master router, look for the following RCIP6 trace messages. • tMainTask RCIP6: rcip6_vrrp.
Upper layer troubleshooting VRRP with higher priority running as backup The VRRP router with the higher priority can display as the backup for the following reasons • Hold-down timer is running. • The configured Critical IP is not reachable or does not exist. If the critical-IP is configured for VRRP master, and the critical interface goes down or is deleted, the master transitions to the backup state. In this case, the log shows the transition cause as 1 like many other cases.
Troubleshooting IPv6 connectivity loss Procedure 1. Use the following command to disable SSH: no ssh 2. From the config terminal go to the .ssh directory using the command: cd /intflash/.ssh 3. After you upgrade or downgrade, delete the following keys from the .ssh directory. ssh_dss.key ssh_rsa.key moc_sshc_dsa_file moc_sshc_rsa_file id_dsa_rwa id_dsa_rwa.pub id_rsa_rwa id_rsa_rwa.pub moc_sshc_dsa_file_fed moc_sshc_rsa_file_fed known_hosts ssh_ecdsa.
Upper layer troubleshooting 3. INCOMPLETE neighbor state indicates a problem if the corresponding neighbor is used by some of the IPv6 routes. This applies to neighbor entries with link-local addresses. Note: Global addresses are not normally used as next hops. Having a global IPv6 neighbor entry as INCOMPLETE does not usually lead to a connectivity issue. 4. If the corresponding route is not in place then this is a routing issue.
Troubleshooting TACACS+ current user, which determines the user access privileges. The switch supports access levels 1 to 6 and access level 15. The following table maps user accounts to TACACS+ privilege level. Switch access level TACACS+ privilege level Description NONE 0 If the TACACS+ server returns an access level of 0, the user is denied access. You cannot log into the device if you have an access level of 0. READ ONLY 1 Permits you to view only configuration and status information.
Upper layer troubleshooting Switch access level TACACS+ privilege level Description READ WRITE ALL 15 Permits you to have all the rights of read-write access and the ability to change security settings, including Avaya command line interface (ACLI) and Web-based management user names and passwords, and the SNMP community strings. Note: Access level 15 is internally mapped to access level 6, which ensures consistency with other vendor implementations.
Troubleshooting TACACS+ 8. Also use the output from the show tacacs command to verify whether you configured the single connection option on the platform, and whether the TACACS+ server supports the single connection.
Upper layer troubleshooting Name Description • 1: read only (ro) access • 2: Layer 1 read and write (l1) access • 3: Layer 2 read and write (l2) access • 4: Layer 3 read and write (l3) access • 5: read and write (rw) access • 6: read and write all (rwa) access • 7-14: denied access • 15: read and write all (rwa) access Server Prio Displays the priority of the TACACS+ server. The switch attempts to use the primary server first, and the secondary server second.
Troubleshooting TACACS+ Procedure 1. Verify that the network, the switch, and the TACACS+ server is reachable. 2. Verify whether you configured the SSH client correctly. 3.
Upper layer troubleshooting Parameter Description pass-auth Specifies if password authentication is enabled or disabled. The default is enabled. enable Specifies if SSH secure mode is enabled. False is disabled. Secure is enabled. Unable to log on by any means (Telnet, rlogin, or SSH) If you cannot log on by any means, perform the following steps. Procedure 1. Check whether the TACACS+ server runs properly and try to restart the TACACS+ server. 2.
Troubleshooting TACACS+ global enable : false authentication enabled for : cli accounting enabled for : none authorization : disabled User privilege levels set for command authorization : None Server: create : Prio Status Key Port Primary NotConn ****** 3 Backup NotConn ****** 47 IP address Timeout Single Source SourceEnabled 192.0.2.254 30 true 5.5.5.5 true 198.51.100.1 10 false 0.0.0.
Upper layer troubleshooting --More-- (q = quit) Check whether the switch has a route configured to the server network: Switch:1(config)#show ip route ========================================================================================== IP Route - GlobalRouter ========================================================================================== NH INTER DST MASK NEXT VRF/ISID COST FACE PROT AGE TYPE PRF -----------------------------------------------------------------------------------------198.
Troubleshooting TACACS+ Parameter Description cli-profile-enable Specifies if RADIUS ACLI profiling is enabled. ACLI profiling grants or denies access to users being authenticated by way of the RADIUS server. You can add a set of ACLI commands to the configuration on the RADIUS server, and you can specify the command-access mode for these commands. The default is false. enable Specifies if RADIUS authentication is globally enabled on the switch.
Upper layer troubleshooting Example Check whether accounting is enabled on the switch: Switch:1>enable Switch:1(config)#show tacacs Global Status: global enable : false authentication enabled for : cli accounting enabled for : none authorization : disabled User privilege levels set for command authorization : None Server: create : Prio Status Key Port Primary NotConn ****** 3 Backup NotConn ****** 47 IP address Timeout Single Source SourceEnabled 192.0.2.254 30 true 5.5.5.5 true 198.51.100.1 10 false 0.0.
Troubleshooting TACACS+ AuthPriv-md5 NoAuthNoPriv-md5 profile3 profile1 ================================================================================ Target Address Configuration ================================================================================ Target Name TDomain TAddress TMask -------------------------------------------------------------------------------4c20cc369925edbd1fe3cf8e2584c498 ipv4 47.17.142.155:162 55fca382ffba169e986783bbbdedc334 ipv4 47.17.143.
Upper layer troubleshooting Procedure 1. Enter Privileged EXEC mode: enable 2. Configure the trace level for the TACACS+ module: trace level 109 <1–4> The TACACS+ module ID is 109. 3. Stop trace: trace shutdown 4. View the trace results on screen: trace screen enable 5. View trace saved to a file: show trace file [tail] 6. Save the trace file for retrieval: save trace [file WORD<1–99>] If you do not specify a file name, the file name is systrace.txt.
Troubleshooting RSMLT Variable Value (verbose) or trace level 4 (very verbose) due to the volume of information generated and the effect on the system. Use the data in the following table to use the show trace command. Variable Value file [tail] Displays the trace results saved to a file. level Displays the current trace level for all modules. modid-list Specifies the module ID list.
Upper layer troubleshooting Example Display the RSMLT configuration: Switch:1>enable Switch:1#configure terminal Switch:1(config)#interface vlan 1 Switch:1(config-if)#show ip rsmlt peer ===================================================================== Ip Rsmlt Peer Info - GlobalRouter ===================================================================== VID IP MAC ADMIN OPER HDTMR HUTMR --------------------------------------------------------------------1 192.0.2.
Troubleshooting RSMLT Troubleshooting vIST failure About this task When you use Virtual Inter-Switch Trunk (vIST), all critical network traffic runs on this link. If vIST fails, network protocols such as RIP, VRRP, OSPF, and VLACP go down and eventually cause a network outage. vIST uses an SPBM tunnel to virtually connect two nodes that can be anywhere in the SPBM cloud. Even if the two vIST nodes are directly connected by an MLT link, the vIST VLAN does not have MLT ports as members.
Upper layer troubleshooting show ip arp vlan January 2017 Troubleshooting Comments on this document? infodev@avaya.
Chapter 21: Unicast routing troubleshooting Use this section to troubleshoot Layer 3 unicast routing problems. Using BGP debugging commands Use global and peer debug commands to display specific debug messages for the global and peer Border Gateway Protocol (BGP) configuration, including the BGP neighbors. You can use these commands to troubleshoot the BGP configuration. Procedure 1. Enter BGP Router Configuration mode: enable configure terminal router bgp 2.
Unicast routing troubleshooting Switch:1(config)# router bgp Display the global debug messages for error and packet: Switch:1(router-bgp)#global-debug mask error,packet End (disable) the display of global debug messages: Switch:1(router-bgp)#global-debug mask none Display specific debug messages for the global BGP neighbors: Switch:1(router-bgp)#neighbor-debug-all mask packet,event Display specific debug messages for BGP peers or peer groups: Switch:1(router-bgp)#neighbor 45.17.10.
Troubleshooting licensed features Table 41: Mask categories and messages Mask category Message none None disables the display of all debug messages. all All configures the device to show all categories of debug messages. error Error configures the device to show error debug messages. packet Packet configures the device to show packet debug messages. event Event configures the device to show event debug messages. warning Warning configures the device to show warning debug messages.
Unicast routing troubleshooting Viewing OSPF errors Before you begin • You must log on to the Privileged EXEC mode in ACLI. About this task Check Open Shortest Path First (OSPF) errors for administrative and troubleshooting purposes. Procedure Display information about OSPF errors: show ip ospf port-error [port {slot/port[-slot/port][,...]}] [vrf WORD<1– 16>] [vrfids WORD<0–512>] Variable definitions Use the data in the following table to use the show ip ospf port-error command.
Viewing OSPF neighbor state problems Field Description AUTH FAILURES Indicates the number of authentication failures. NET_MASK MISMATCH Indicates the number of network mask mismatches this interface receives. HELLOINT MISMATCH Indicates the number of hello interval mismatches this interface receives. DEADINT MISMATCH Indicates the number of dead interval mismatches this interface receives. OPTION MISMATCH Indicates the number of options mismatches this interface receives.
Unicast routing troubleshooting Table 44: Device states during OSPF adjacency formation Step State Description 1 Down Indicates that a neighbor was configured manually, but the device did not receive information from the other device. This state can occur only on nonbroadcast multiaccess interfaces. 2 Attempt Indicates, on a nonbroadcast multiaccess interface, that the device attempts to send unicast hellos to configured interfaces.
Troubleshooting OSPF ExStart/Exchange problems 4. Ensure the multicast address of 224.0.0.5 can traverse the link. If multicast traffic is blocked, you must configure the Avaya Virtual Services Platform 4000 Series for OSPF nonbroadcast multiaccess (NBMA) instead of broadcast. Example VSP-4850GTS> enable VSP-4850GTS# trace level 6 2 VSP-4850GTS# trace screen enable Troubleshooting OSPF ExStart/Exchange problems Before you begin • You must log on to Interface Configuration mode in ACLI.
Unicast routing troubleshooting VSP-4850GTSconfig-if)# trace level 6 2 VSP-4850GTS(config-if)# ip ospf mtu-ignore enable January 2017 Troubleshooting Comments on this document? infodev@avaya.
Chapter 22: Multicast troubleshooting Use the following information to troubleshoot multicast features and multicast routing. Multicast feature troubleshooting Use the information in this section to troubleshoot multicast feature problems. Troubleshooting IGMP Layer 2 Querier The following sections provide troubleshooting information for the IGMP Layer 2 Querier feature. Querier not elected If a Querier is not elected, use the following procedure to troubleshoot the issue. Procedure 1.
Multicast troubleshooting 1 2 3 4 5 10 100 200 300 444 125 125 125 125 125 125 125 125 125 125 100 100 100 100 100 100 100 100 100 100 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 10 10 10 10 10 10 10 10 10 10 false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false false All 10 out of 10 Total Num of Igmp entries displayed VLA
Multicast feature troubleshooting Field Description running either version. For IGMP to function correctly, you must configure all routers on a LAN to run the same version of IGMP. LAST MEMB QUERY Indicates the maximum response time (in tenths of a second) inserted into group-specific queries sent in response to leave group messages, and is also the amount of time between group specific query messages. Use this value to modify the leave latency of the network.
Multicast troubleshooting Procedure 1. Enter Privileged EXEC mode: enable 2. Use the following trace command to begin the trace operation for additional information related to Layer 2 querier: trace level 23 <1-4> 3. Stop tracing: trace shutdown 4. View the trace results: trace screen enable 5. View trace saved to a file: show trace file [tail] Variable definitions Use the data in the following table to use the trace command.
Multicast feature troubleshooting Variable Value file [tail] Displays the trace results saved to a file. level Displays the current trace level for all modules. modid-list Specifies the module ID list. Troubleshooting IGMPv3 backwards compatibility If you configure the switch to operate in v2-v3 compatibility mode, the switch supports all IGMPv2 and v3 messages. The switch parses the group address of the messages.
Multicast troubleshooting Switch:1(config)#show ip igmp ssm ================================================================================ Igmp Ssm Global - GlobalRouter ================================================================================ DYNAMIC LEARNING SSM GROUP RANGE -------------------------------------------------------------------------------enable 233.252.0.0/255.0.0.0 Job aid The following table shows the field descriptions for the show ip igmp ssm-map command.
Chapter 23: Multicast routing troubleshooting using ACLI Use the information in this section to help you troubleshoot multicast routing problems. Viewing IGMP interface information Perform this procedure to view the IGMP interface table. About this task If an interface does not use an IP address, it does not appear in the IGMP table. One exception is an IGMP snooping interface, which does not require an interface IP address.
Multicast routing troubleshooting using ACLI pim V400 pim V500 pim V700 pim V701 125 active 3 3 41.0.0.12 100 0 0 2 10 125 active 3 3 31.0.0.12 100 0 3707 2 10 125 active 2 2 62.0.0.206 100 0 336 2 10 125 active 1 1 62.0.1.206 100 0 336 2 10 pim 5 out of 5 entries displayed Variable definitions Use the data in the following table to use the show ip igmp interface command. Variable Value gigabitethernet {slot/port[/sub-port][-slot/port[/subport]][,...
Viewing IGMP interface information Table 47: show ip igmp interface command output without parameters Field Description IF Indicates the interface where IGMP is configured. QUERY INTVL Indicates the frequency at which IGMP host query packets transmit on this interface. STATUS Indicates the activation of a row, which activates IGMP on the interface. The destruction of a row disables IGMP on the interface. VERS Indicates the version of IGMP that runs on this interface.
Multicast routing troubleshooting using ACLI Table 48: show ip igmp interface command output with interface parameters Field Description VLAN ID or PORT NUM Identifies the VLAN or port where IGMP is configured. QUERY INTVL Indicates the frequency at which IGMP host query packets transmit on this interface. QUERY MAX RESP Indicates the maximum query response time (in tenths of a second) advertised in IGMPv2 queries on this interface.
Viewing multicast group trace information for IGMP snoop About this task Multicast group trace tracks the data flow path of the multicast streams. Procedure 1. Enter Privileged EXEC mode: enable 2. Display the multicast group trace for an IGMP snoop-enabled interface: show ip igmp snoop-trace [source {A.B.C.D}] [group {A.B.C.
Multicast routing troubleshooting using ACLI Field Description SOURCE ADDRESS Indicates the source of the multicast traffic. IN VLAN Indicates the incoming VLAN ID. IN PORT Indicates the incoming port number. OUT VLAN Indicates the outgoing VLAN ID. OUT PORT Indicates the outgoing port number. TYPE Indicates where the stream is learned. ACCESS indicates the stream is learned locally.
Viewing IGMP group information Variable definitions Use the data in the following table to use the show ip igmp group command. Variable Value count Displays the number of entries in the IGMP group. group Specifies the address of the IGMP group. member-subnet {default| }] Specifies the IP address and mask of the IGMP member. vrf WORD<1–16> Specifies the VRF name. vrfids WORD<0–512> Specifies the VRF ID.
Multicast routing troubleshooting using ACLI Variable Value vlan <1-4059> Specifies the VLAN ID in the range of 1 to 4059. VLAN IDs 1 to 4059 are configurable. The system reserves VLAN IDs 4060 to 4094 for internal use. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. vrf WORD<1–16> Specifies the VRF name. vrfids WORD<0–512> Specifies the VRF ID. Job aid The following table shows the field descriptions for the show ip igmp group group command output.
Using PIM debugging commands show ip mroute hw-resource-usage Example Show the hardware resource usage: Switch:1>show ip mroute hw-resource-usage ================================================================================ Multicast Hardware Resource Usage ================================================================================ EGRESS INGRESS EGRESS INGRESS LOG MSG SEND TRAP SEND TRAP REC IN-USE REC IN-USE THRESHOLD THRESHOLD ONLY ONLY AND LOG --------------------------------------------
Multicast routing troubleshooting using ACLI 2. Start debug trace message output: debug ip pim pimdbgtrace 3. Stop debug trace message output: no debug ip pim pimdbgtrace default debug ip pim pimdbgtrace 4. Configure the system to display trace messages forwarded by the device: debug ip pim send-dbg-trace 5. Stop the system from displaying trace messages forwarded by the device: no debug ip pim send-dbg-trace default debug ip pim send-dbg-trace 6.
Determining the protocol configured on the added VLAN debug ip pim source {A.B.C.D} Variable definitions Use the data in the following table to use the debug ip pim command. Table 53: Variable definitions Variable Value assert Displays the assert debug traces. The default is false (disabled). bstrap Displays bootstrap debug traces. The default is false (disabled). group {A.B.C.D} Displays debug traces from a specific group IP address. The default is 0.0.0.0 (disabled).
Multicast routing troubleshooting using ACLI Procedure 1. Enter Privileged EXEC mode: enable 2. Determine the protocol configured on the added VLAN: show ip igmp interface [gigabitethernet {slot/port[/sub-port][-slot/ port[/sub-port]][,...]}][vlan <1-4059>][vrf WORD<1–16>] [vrfids WORD<0–512>] The protocol displays under the Mode column of the command output.
Determining the protocol configured on the added VLAN Job aid The following table shows the field descriptions for the show ip igmp interface command. Field Description IF Indicates the interfaces where IGMP is configured. QUERY INTVL Indicates the frequency at which the interface transmits IGMP host query packets. STATUS Indicates the activation of a row that enables IGMP on the interface. The destruction of a row disables IGMP on the interface.
Multicast routing troubleshooting using ACLI Field Description • routed-spb — Indicates IP Multicast over Fabric Connect is enabled on the Layer 3 VSN or for IP Shortcuts. • pim — Indicates PIM is enabled. The following table shows the field descriptions for the show ip igmp interface command output if you use the optional parameters to specify a port, VLAN, or VRF.
Determining the data stream learned with IP Multicast over Fabric Connect on the VLAN Field Description EXPLICIT HOST TRACKING Indicates if explicit host tracking is enabled to track all the source and group members. Determining the data stream learned with IP Multicast over Fabric Connect on the VLAN Use this procedure to determine the data stream learned when IP Multicast over Fabric Connect is configured on the VLAN.
Multicast routing troubleshooting using ACLI Variable Value vrf WORD<0–32> Specifies the VRF name. vrfids <0–255> Specifies the VRF ID. Job aid The following table shows the field descriptions for the show ip mroute route command.
Displaying the SPBM multicast database Displaying the SPBM multicast database You can determine the database used by the SPBM multicast module by using the following procedure. Procedure 1. Log on to the switch to enter User EXEC mode. 2. Show the SPBM multicast database: show isis spbm ip-multicast-route [all][detail][group {A.B.C.
Multicast routing troubleshooting using ACLI Job aid The following table describes fields for the show isis spbm ip-multicast-route command. Table 56: show isis spbm ip-multicast-route command Field Description Source Specifies the IP address of the Global Routing Table. Group Specifies the IP multicast group for which this entry specifies a next hop on an outgoing interface. Data ISID Specifies the VRF ID for the multicast route. BVLAN Specifies the Backbone VLAN (B-VLAN).
Troubleshooting IP Multicast over Fabric Connect for Layer 2 VSNs For more information about infrastructure and services configuration, see Configuring Avaya Fabric Connect on VSP Operating System Software, NN47227-510. 5. Ensure that you enable the CFM configuration. a. Ensure a CFM maintenance-association exists: show cfm maintenance-association b. Ensure a CFM maintenance-domain exists: show cfm maintenance-domain c.
Multicast routing troubleshooting using ACLI Troubleshooting IP Multicast over Fabric Connect for Layer 3 VSNs If traffic is not moving properly, use the following procedure to determine the issue. Procedure 1. Ensure that all switch nodes in the network operate with the current release: show software 2. If ERS 8800 nodes exist in the network, ensure you upgrade them to the current release: show software 3. Ensure that you create and enable SPBM infrastructure globally. a.
Troubleshooting IP Multicast over Fabric Connect for IP Shortcuts show isis spbm ip-multicast-route all d. Ensure that you enable the MVPN: show ip vrf mvpn 6. On the VLANs that need Layer 3 VSN IP Multicast over Fabric Connect routing, create an IP interface on the VLAN if one does not exist. The address should be on the same subnet as the IGMP hosts connected to the VLAN. Also, ensure that you enable IP Multicast over Fabric Connect. 7.
Multicast routing troubleshooting using ACLI show spbm b. Ensure that IS-IS is enabled globally: show isis c. Ensure an SPBM instance exists and at least one Backbone VLAN exists (B-VID). Also ensure multicast is enabled: show isis spbm For more information on infrastructure and services configuration, see Configuring Avaya Fabric Connect on VSP Operating System Software, NN47227-510. 4. Ensure that you enable the CFM configuration. a.
Defining the IS-IS trace flag for IP multicast 10. Ensure that the IGMP version used by the multicast hosts and the Layer 2 switches outside the SPBM network is the same as the IGMP version configured on the C-VLAN: show ip igmp interface Defining the IS-IS trace flag for IP multicast Define the IS-IS trace flag for IP multicast. Procedure 1. Log on to the switch to enter User EXEC mode. 2.
Chapter 24: Multicast routing troubleshooting using EDM Use the information in this section to help you troubleshoot multicast routing problems using Enterprise Device Manager (EDM). Viewing IGMP interface information Use the Interface tab to view the IGMP interface table. You can use this procedure to determine the protocol configured on the added VLAN.
Viewing IGMP interface information Name Description QueryInterval Configures the frequency (in seconds) at which the IGMP host query packets transmit on the interface. The range is from 1–65535 and the default is 125. Status Shows the IGMP row status. If an interface uses an IP address and PIM-SM is enabled, the status is active. Otherwise, it is notInService. Version Configures the version of IGMP (1, 2, or 3) that you want to configure on this interface.
Multicast routing troubleshooting using EDM Name Description parameter to values greater than 3. If you do not need a fast leave process, Avaya recommends values greater than 10. (The value 3 is equal to 0.3 seconds and 10 is equal to 1 second.) OtherQuerierPresent Timeout Shows the length of time that must pass before a multicast router determines that no other querier exists. If the local router is the querier, the value is 0.
Viewing IGMP group information Procedure 1. In the navigation pane, expand the following folders: Configuration > IP. 2. Click IGMP. 3. Click the Snoop Trace tab. Snoop Trace field descriptions Use the data in the following table to use the Snoop Trace tab. Name Description GrpAddr Displays the IP multicast address of the group traversing the router. SrcAddr Displays the IP source address of the multicast group. OutVlan Displays the egress VLAN ID for the multicast group.
Multicast routing troubleshooting using EDM 3. Click the Groups tab. Groups field descriptions Use the data in the following table to use the Groups tab. Name Description IpAddress Shows the multicast group address (Class D). A group address can be the same for many incoming ports. Members Shows the IP address of the host that issues the membership report to this group. InPort Shows the port that receives the group membership report.
Viewing multicast routes by egress VLAN Viewing multicast routes by egress VLAN With the Egress VLANs tab, you can view the egress VLANs for the streams corresponding to the selected entry in the Mroute-Hw table. Procedure 1. In the navigation tree, expand the following folders: IP > Multicast. 2. Click the Mroute-HW tab. 3. Click any row in the table. 4. Click EgressVlans. EgressVlans field descriptions Use the information in the following table to help you use the EgressVlans tab.
Multicast routing troubleshooting using EDM Determining the data stream learned when IP Multicast over Fabric Connect is configured on the VLAN Use the following procedure to determine the data stream learned when IP multicast is configured on the VLAN. Procedure 1. In the navigation pane, expand the following folders: Configuration > IP > Multicast. 2. Click the Routes tab. Multicast field descriptions Use the information in the following table to help you use the Multicast tab.
Showing the SPBM multicast database Showing the SPBM multicast database Determine the database used by the SPBM multicast module. Procedure 1. In the navigation pane, expand the following folders: Configuration > ISIS > SPBM. 2. Click the IpMcastRoutes tab. IpMcastRoutes field descriptions Use the information in the following table to use the IpMcastRoutes tab. Name Description VsnIsid Specifies the VSN I-SID. Group Specifies the group IP address for the IP multicast route.
Chapter 25: Transparent Port UNI feature troubleshooting using ACLI Use the information in this section to help you troubleshoot Transparent Port UNI feature problems. Viewing all configured I-SIDs Perform this procedure to view all the configured I-SIDs including their types, ports, and MLTs. About this task View all configured I-SIDs (both CVLAN and T-UNI). View also the I-SID types and the ports or MLTs that are assigned to each I-SID. Procedure 1. Enter Privileged EXEC mode: enable 2.
Viewing all configured I-SIDs ID TYPE VLANID INTERFACES INTERFACES -------------------------------------------------------------------------------6 ELAN_TR N/A 1/2 6 12 CVLAN 11 1/7 34 ELAN_TR 4450 1/17 100 ELAN_TR 7254 1/12 All 4 out of 4 Total Num of i-sids displayed Switch(config)# View T-UNI (ELAN Transparent) I-SIDs.
Transparent Port UNI feature troubleshooting using ACLI 300 4.01.18 10 b4a9.5a2a.
Viewing C-MACs learned on T-UNI ports for an ISID Field Description VLANID Specifies the backbone VLAN PORT INTERFACES Specifies the port that is assigned to the I-SID MLT INTERFACES Specifies the mlt that is assigned to the I-SID The following describes the fields in the output for the show isis spbm i-sid command. Table 59: show isis spbm i-sid Field Description ISID Indicates the IS-IS SPBM I-SID identifier.
Transparent Port UNI feature troubleshooting using ACLI Example View C-MACs learned on all T-UNI I-SIDs.
Viewing C-MACs learned on T-UNI ports for an ISID View C-MACs learned on a T-UNI I-SID as a remote MAC address.
Transparent Port UNI feature troubleshooting using ACLI Field Description DEST-MAC Specifies the virtual BMAC address or system ID, in MAC format, of the destination node. BVLAN Specifies the BVLAN on which the destination node is discovered for the I-SID. DEST-SYSNAME Specifies the destination system name. Viewing I-SID maximum MAC-limit Perform this procedure to view the maximum MAC learning limit information for an I-SID.
Viewing I-SID maximum MAC-limit ID STATUS COUNT ----------------------------------------10 disabled 32000 All 1 out of 1 Total Num of i-sid Info displayed Variable definitions Use the data in the following table to use the show i-sid limit-fdb-learning command. Important: The command show i-sid limit-fdb-learning is supported only on the Avaya Virtual Services Platform 4000 Series. Variable Value limit-fdb-learning Displays the I-SID-based maximum MAC limit information.
Chapter 26: Troubleshooting MACsec Use the information in this section to troubleshoot problems with the MACsec feature. Note: MACsec is supported only on the 4450GSX-PWR+ model of the VSP 4000. It is not supported on the VSP 4000 4850GTS Series models. The switch also supports viewing MACsec performance statistics. For more information on the supported statistics and procedures to view them, see Performance Management of Avaya Virtual Services Platform 4000 Series, NN46251-701.
Viewing MACsec status Viewing MACsec status Perform this procedure to view MACsec status. About this task This command displays the status for the following: • MACsec status • MACsec encryption status • The associated Connectivity Association (CA) name Note: If you do not specify a port number, the information on all MACsec capable interfaces is displayed. Procedure 1. Enter Privileged EXEC mode: enable 2. View the MACsec status: show macsec status {slot/port[/sub-port][-slot/port[/sub-port]] [,...
Chapter 27: Troubleshooting MACsec using EDM Use the information in this section to troubleshoot problems with the MACsec feature using Enterprise Device Manager (EDM) interface. Note: MACsec is supported only on the 4450GSX-PWR+ model of the VSP 4000. It is not supported on the VSP 4000 4850GTS Series models. Viewing MACsec connectivity association details Perform this procedure to view the MACsec connectivity association (CA) details. Procedure 1. In the Device Physical View, click on the chassis. 2.
Chapter 28: Troubleshooting Fabric Attach The following sections help you troubleshoot problems with Fabric Attach (FA) using either the Avaya Command Line Interface (ACLI) or the Enterprise Device Manager (EDM). Troubleshooting workflow Troubleshoot FA in the following sequence: • Verify FA configuration: As a first step, for proper operation, verify that FA is enabled properly at both the global and interface levels. Use the procedures in this section to verify FA configuration.
Troubleshooting Fabric Attach Procedure 1. Enter Privileged EXEC mode: enable 2. To verify that FA is enabled globally, enter one of the following commands: • show fa • show fa agent 3. To view all FA interfaces (ports and MLTs), enter: show fa interface 4.
Troubleshooting Fabric Attach using the ACLI • Both FA and message authentication are enabled on port 4/11.
Troubleshooting Fabric Attach 1 out of 1 Total Num of fabric attach interfaces displayed ---------------------------------------------------------------------- View the FA interfaces that have authentication disabled: Switch:1#show fa interface disabled-auth ======================================================================= Fabric Attach Interfaces ======================================================================= INTERFACE SERVER MGMT MGMT MSG AUTH MSG AUTH STATUS ISID CVID STATUS KEY ---------
Troubleshooting Fabric Attach using the ACLI 3. Verify successful LLDP transmission on a port: show lldp tx-stats port {slot/port[/sub-port] [-slot/port[/subport]] [,...]} 4. Verify that the port is receiving LLDP PDUs successfully: show lldp rx-stats port {slot/port[/sub-port] [-slot/port[/subport]] [,...]} 5.
Troubleshooting Fabric Attach Variable Value slots and ports (slot/port,slot/port,slot/port). If your platform supports channelization for 40 Gbps ports and the port is channelized, you must also specify the sub-port in the format slot/port/sub-port. Related links Viewing port-based LLDP statistics on page 312 Verify FA discovery and I-SID-to-VLAN mapping assignments Displaying learned LLDP neighbors Use this procedure to verify details of the LLDP neighbors learned. Procedure 1.
Troubleshooting Fabric Attach using the ACLI -----------------------------------------------------------------------------------------Total Neighbors : 1 -----------------------------------------------------------------------------------------Capabilities Legend: (Supported/Enabled) B= Bridge, D= DOCSIS, O= Other, R= Repeater, S= Station, T= Telephone, W= WLAN, r= Router Switch:1(config)# On the proxy switch, verify discovery of the FA Server (VSP 7200 Series) switch.
Troubleshooting Fabric Attach SysName: SysCap: PortDesc: 1/1/1 BEB1-7254XSQ rB / rB (Supported/Enabled) Avaya Virtual Services Platform 7254XSQ - 40GbCR4-Channel Port SysDescr: VSP-7254XSQ (5.0.0.0_GA) ------------------------------------------------------------------------------Sys capability: O-Other; R-Repeater; B-Bridge; W-WLAN accesspoint; r-Router; T-Telephone; D-DOCSIS cable device; S-Station only.
Troubleshooting Fabric Attach using the ACLI show fa elements [{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] Example The following example displays the sample output for the show fa elements command.
Troubleshooting Fabric Attach 3. View FA statistics at the slot/port level: show fa statistics [{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] Note: If a slot is removed from the switch chassis, the FA statistics are not displayed on the slot ports. When the slot is inserted back again, the statistics counters are reset. 4. (Optional) Clear FA statistics: clear fa statistics [summary] [{slot/port[/sub-port] [-slot/port[/ sub-port]] [,...
Troubleshooting Fabric Attach using the ACLI Viewing FA statistics on a specific port (port 1/1): Switch:1>en Switch:1#show fa statistics 1/1 ========================================================================== Fabric Attach STATISTICS ========================================================================== Port DiscElem DiscElem DiscElem DiscAuth Received Expired Deleted Failed -------------------------------------------------------------------------1/1 3057 0 1 0 =================================
Troubleshooting Fabric Attach Variable Value platform supports channelization for 40 Gbps ports and the port is channelized, you must also specify the sub-port in the format slot/port/sub-port. Displays Fabric Attach statistics on ports. Use the data in the following table to use the clear fa statistics command. Variable Value summary Clears global level fabric attach statistics {slot/port[/sub-port][-slot/port[/sub-port]][,...
Troubleshooting Fabric Attach using the ACLI show fa assignment [{slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}] Example The following example displays a sample output for the show fa assignment command. Note: The state of I-SID-to-VLAN assignments on a client or proxy device is pending until it is changed by the FA Server to active or reject.
Troubleshooting Fabric Attach enable 2. Display all Switched UNI (ELAN) I-SIDs: show i-sid elan 3. Display ELAN I-SID information on an MLT: show mlt i-sid [<1–512>] Note: Viewing ELAN I-SID information on an MLT is useful to understand the origin of the ISID when multiple client or proxy devices connecting to the FA Server using SMLT MLT advertise the same I-SID-to-VLAN mappings.
Troubleshooting Fabric Attach using the ACLI Note: • The ORIGIN field displays once for each I-SID. It indicates the origin of the I-SID and not the origin of the I-SID endpoint. To view the origin of the I-SID endpoints, execute either the show mlt i-sid or the show interfaces gigabitEthernet i-sid command. - The origin of I-SID 4000 displays as DISC_BOTH, because it is discovered on both vIST peers.
Troubleshooting Fabric Attach Variable definitions on page 324 Variable definitions Use the data in the following table to use the show i-sid command. Variable Value elan Displays all ELAN I-SIDs. Use the data in the following table to use the show mlt i-sid command. Variable Value <1–512> The valid range for MLT ID. Use the data in the following table to use the show interfaces gigabitEthernet i-sid command. Variable Value {slot/port[/sub-port] [-slot/port[/ sub-port]] [,...
Troubleshooting Fabric Attach using the EDM Caution: Disabling FA flushes all FA element discovery and mappings. 4. View the element type in the ElementType field. Note: The only supported element type is faServer (FA Server). 5. To specify the assignment time-out, enter a time-out value in seconds in the AsgnTimeout field. 6. View the provision mode in the ProvisionMode field. Note: The supported provision mode is spbm. 7.
Troubleshooting Fabric Attach Before you begin Ensure that FA is enabled globally on the switch. About this task Enabling FA on a port or MLT is necessary for element discovery. On the FA Server, FA is enabled globally by default. However, you must explicitly enable FA on a desired port or MLT interface, following which the FA Server can begin transmitting LLDP PDUs that contain the element discovery TLVs.
Troubleshooting Fabric Attach using the EDM Name Description IfIndex Specifies the interface (port or MLT) on which Fabric Attach is configured. State Specifies the current state of the Fabric Attach port. It is either enabled or disabled. This field indicates whether LLDP PDUs (that include FA TLVs) are generated on the port (enabled) or not (disabled). MsgAuthStatus Specifies the Fabric Attach message authentication status on the port. It is either enabled or disabled.
Troubleshooting Fabric Attach Note: If a slot is removed from the switch chassis, the statistics are not displayed on the slot ports. When the slot is inserted back again, the statistics counters are reset. Procedure 1. In the navigation pane, navigate to Configuration > Edit > Diagnostics > 802_1ab.LLDP. 2. In the content pane, click the RX Stats tab. 3. To view the reception statistics graphically for a port: a. Select a row and click Graph. The RX Stats-Graph, tab displays.
Troubleshooting Fabric Attach using the EDM Name Description AbsoluteValue Specifies the absolute number of LLDP frames at a given point in time. Cumulative Specifies the cumulative rate of change of LLDP frames received. Average/sec Specifies the average rate of change of LLDP frames received. Minimum/sec Specifies the minimum rate of change of LLDP frames received. Maximum/sec Specifies the maximum rate of change of LLDP frames received.
Troubleshooting Fabric Attach You can view a graphical representation of the LLDP frames transmitted (FramesTotal), for the following parameters: • AbsoluteValue • Cumulative • Average/sec • Minimum/sec • Maximum/sec • LastVal/sec b. To view the graph, select one of the above parameters and click the appropriate icon on the top left-hand-side of the menu bar to draw a line chart, area chart, bar chart or a pie chart. c.
Troubleshooting Fabric Attach using the EDM The global FA statistics are displayed. 3. To view a graphical representation of the statistics, select a row and click the appropriate icon on the top left-hand-side of the menu bar to draw a line chart, area chart, bar chart or a pie chart. 4. Click Clear Counters to clear the existing counters, and fix a reference point in time to restart the counters. 5. Click Export, to export the statistical data to a file. 6.
Troubleshooting Fabric Attach 4. Click Clear Counters to clear the existing counters, and fix a reference point in time to restart the counters. 5. Click Export, to export the statistical data to a file. 6. To fix a poll interval, select an appropriate value from the Poll Interval drop-down list. Fabric Attach field descriptions Use the data in the following table to use the Fabric Attach tab. Name Description DiscElemReceived Specifies the number of discovery elements received on a given port.
Troubleshooting Fabric Attach using the EDM Name Description TimeMark Specifies the time filter. LocalPortNum Specifies the port on which the remote system information is received. Index Specifies a particular connection instance that is unique to the remote system. ChassisIdSubtype Specifies the encoding used to identify the chassis associated with the remote system. ChassisId Specifies the chassis ID of the remote system.
Troubleshooting Fabric Attach Fabric Attach troubleshooting example Troubleshooting FA Server rejection of I-SID-to-VLAN assignments using trace Consider an FA solution where the FA Server receives I-SID-to-VLAN assignment requests from a proxy device and some of these assignment requests are rejected by the FA Server. Use this procedure to help you troubleshoot the cause of the rejection.
Fabric Attach troubleshooting example Note: When the FA Server rejects an I-SID-to-VLAN assignment request, only a generic reason for the rejection is logged. Enhanced troubleshooting using trace 7. Configure trace: a. Enable keyword search in the trace output: trace grep WORD<0-128> b. Set the trace level for FA: trace level <0-226> sub-system Note: FA uses the trace level 221. c.
Troubleshooting Fabric Attach 1/5 312 710 active proxy 1/5 9005 400 reject proxy 1/6 312 710 active proxy 1/6 9005 400 reject proxy ----------------------------------------------------------------------4 out of 4 Total Num of fabric attach assignment mappings displayed ----------------------------------------------------------------------- Begin troubleshooting on the FA Server: Verify that IS-IS is enabled.
Fabric Attach troubleshooting example ================================================================================ MGMT ELEM ASGN PORT TYPE VLAN STATE SYSTEM ID AUTH AUTH -------------------------------------------------------------------------------1/5 proxy 1 T / S 10:cd:ae:09:40:00:20:00:00:01 AP AP 1/6 proxy 1 T / S 10:cd:ae:09:40:00:20:00:00:01 AP AP ================================================================================ Fabric Attach Authentication Detail ================================
Troubleshooting Fabric Attach main.x:faUpdateSwitchedUni :FA: faUpdateSwitchedUni port 197 isid 9005 cvid 400 0:07:57.802086 1 fa_swuni.c :2900[lcy-ve][12898-13062]cbcpmain.x:faUpdateSwitchedUniCheck :FA: Call faUpdateSwitchedUniCheckSmlt for mlt 1 0:07:57.802276 1 fa_swuni.c :2421[lcy-ve][12898-13062]cbcpmain.