00:00:00 - OK. Let the adventure begin. We have arrived at our first troubleshooting
00:00:04 - lab. We're just going to be focused on VLANs and Spanning-Tree.
00:00:08 - The way this is going to work is I've got three different troubleshooting
00:00:11 - scenarios, and I'll explain how this all works as we get into
00:00:14 - it. But here is the scenario. We've got ASW1; one of the switches
00:00:18 - has failed. Scenario 2, we've got a guest access VLAN which is
00:00:22 - failing. And then scenario 3, the connection to ISP1 is down.
00:00:26 - Now at this point, I'm sure that's extremely vague, so let me
00:00:30 - explain further.
00:00:32 - So now that we're at the troubleshooting lab, I can officially
00:00:36 - talk about how we're going to handle labs in this CBT Nuggets
00:00:39 - series. When I was first trying to determine how to do this series,
00:00:43 - I talked to the CBT Nuggets and I said, "This is really a hands-on
00:00:49 - series to where I mean if you take the certification exam for
00:00:53 - this, you get one or two simple questions to start the exam off
00:00:56 - I think just to get your blood flowing. And then you are in a
00:00:59 - full-blown simulator for the rest of the exam. It's all hands-on.
00:01:02 - It's all real world. So I was talking with the powers that be
00:01:05 - at CBT Nuggets and I was, like, how do I do this? I can't really
00:01:10 - build my own troubleshooting labs because then I know exactly
00:01:13 - where all the flaws are and I'd record it and I'd be like, "Oh,
00:01:17 - OK, guys. Let's look at this. Oh, look at that interface. It
00:01:22 - shut down. Wow. I didn't expect that." I can't pre-plan things
00:01:28 - thing that's I'm going to find wrong. I think at this point,
00:01:31 - if you've gone through some of my other series, you know I kind
00:01:34 - of go without a script and if stuff blows up along the way, I'm,
00:01:37 - like, "Hey, let's work through. Let's figure it all out together."
00:01:40 - So if it were all scripted, I just would feel, I don't know,
00:01:44 - the series would be kind of wacky to me. So I was looking for
00:01:48 - a remote lab vendor, and I remember these guys I ran into at
00:01:51 - one of the Cisco networkers' conference called NIL. And there
00:01:55 - were some guys from, where were they? Slovakia? No. It's another
00:01:59 - website. It's si. Silvonia? I don't even know. They're far away
00:02:03 - in another place in the world, far away from me. But all they
00:02:07 - do or one of their major focuses is remote labs. So I thought,
00:02:10 - well, let me check them out. And sure enough, they had a TSHOOT
00:02:13 - series. And so I talked to them. I said, "Hey guys, are you cool
00:02:16 - if I use you guys, because you guys have some pretty sweet labs,
00:02:19 - and just kind of record it? And I'll suggest, of course, to our
00:02:23 - students that if you want, you can definitely sign up for the
00:02:26 - NIL Labs yourself and go through them, kind of get that hands-on
00:02:30 - experience yourself." But what I'd really like to do is just
00:02:33 - go through the labs and record my thought process. Because one
00:02:36 - of the best ways to get troubleshooting skill is experience.
00:02:40 - You know that, right? We've talked about that up 'til now in
00:02:43 - the series. You know until you've been there and done that, and
00:02:46 - a lot of times, it's hard to do and I think about "How can I
00:02:51 - build a series that brings experience?" And I thought, and this
00:02:54 - word just keeps sticking to my head, apprenticeship. It's where
00:02:59 - when somebody is becoming an apprentice, they just kind of sit
00:03:03 - under, I'm hesitant to use this word but it kind of goes together,
00:03:07 - the master, if you will. They sit under the master, like I think
00:03:10 - of like a swordsman, like the master swordsman, and they watch
00:03:13 - and they duel and they battle and they kind of learn from the
00:03:15 - master and just kind of gain that experience and then as Star
00:03:20 - Wars come back in, "The apprentice has become the master." So
00:03:23 - that's what I thought I would do, not that I'm at all saying
00:03:26 - I am the master of all things Cisco because I'm not. Trust me,
00:03:30 - as I'm sure, as we go through the series, I'm going to run into
00:03:34 - some walls and go, "What on earth?" And I know many of you are
00:03:36 - going to be, like, "Come on. It's over there. It's over there.
00:03:38 - Look under there." So anyway, my point is this: you guys can
00:03:42 - hang, you can watch exactly what I'm doing, but I also just wanted
00:03:46 - to throw the website out there. It's nil.si. If you do want to
00:03:49 - go check out the labs, they do have labs. Of course, it is an
00:03:52 - extra cost to sign up for the labs, but they have subscriptions
00:03:54 - for a week, for a month, for three months, for however long you
00:03:58 - want to get into the labs. So that's going to be how I structure
00:04:01 - it. So what we're going to do is kind of go piece by piece. I'm
00:04:04 - going to show the network diagram. I'm going to break down the
00:04:07 - scenario. And let me also mention this: when I went to the NIL
00:04:11 - labs, of course, the labs are in PDF format and they're huge.
00:04:15 - I mean they have full scenarios of, "Here's what's going wrong,"
00:04:19 - and I thought, "Well, why don't I do this?" just because I don't
00:04:21 - want to sit and read paragraph after paragraph
00:04:27 - on the video to you guys. So what I did was I kind of summarized
00:04:30 - the trouble tickets. These labs are a series of trouble tickets
00:04:34 - to where it will say, "Trouble Ticket A: User Bob, he came in
00:04:38 - in the morning and his coffee spilled. It was a bad day for him"
00:04:42 - This is kind of how the labs are at NIL. And I thought, you know
00:04:44 - what? Instead of just having the full scenario, I'm going to
00:04:46 - boil it down. And so what I did was I recreated the trouble tickets
00:04:50 - on these slides and just used bullet points. I'm like, "Hey,
00:04:53 - Bob came in, switch didn't work." Or I shouldn't even say switch.
00:04:57 - "Bob came in. Connection didn't work. He complained, sent a trouble
00:05:01 - ticket, says everything is down. What do you do?" So I just kind
00:05:04 - of boiled it down so you don't have to sit there and read and
00:05:06 - read and read all these paragraph formats.
00:05:10 - So that's my overview. That's going to be how we approach the
00:05:12 - labs. Again, so I'm surprised when the trouble tickets come in,
00:05:17 - and I have to figure it out and then you guys can watch me, kind
00:05:20 - of watch my thought process, have your own thoughts, gain some
00:05:23 - skill, especially if you want to check out and do the labs yourself,
00:05:26 - put that all together. I think it's going to be a pretty cool
00:05:29 - series. All right, well, let's get in to the lab topology. And
00:05:34 - this is going to be the topology that we use for the rest of
00:05:36 - the series. This is really neat because it's just like the TSHOOT
00:05:41 - exam. Cisco publishes, I don't know if you know this, but they
00:05:44 - publish the topology, the network diagrams that you're going
00:05:47 - to experience in
00:05:50 - the exam. So it would be very smart before you go take the test
00:05:54 - to go to their website and look at them and kind of take some
00:05:57 - notes, all those kinds of things, get familiar with the lab topology
00:05:59 - because once you start the exam, you're going to get the same
00:06:02 - topology for the rest of the exam. And let me say thank you,
00:06:06 - Cisco, for doing that because you know what it is, walking into
00:06:09 - a new network environment. It takes a while. You got to, "OK.
00:06:13 - This is connected to this. OK. This subnet is over here." It
00:06:16 - just takes time to get familiar with a brand new network. So
00:06:19 - just like the lab exam or the certification exam, we are going
00:06:23 - to be using a single topology throughout this entire series,
00:06:28 - and trust me, there is a lot that can go wrong with the topology
00:06:30 - like this. So let's break it down. Let me just hit the major
00:06:33 - areas. Up here,
00:06:36 - we've got the ISP. So notice we've got dual ISPs going out right
00:06:42 - here, two different ISP connections. We've got a www, Worldwide
00:06:45 - Web, HTTP server that we can use for tests. Now this lab does
00:06:49 - not have actual Internet access, but we can always check this
00:06:52 - Web server to make sure that things are online and the Internet
00:06:55 - is working. This let me just draw a nice big circle around here.
00:07:02 - It's big, very big. It's bigger than my drawing pad. So we've
00:07:08 - got this right here, which is, you could call it the corporate
00:07:10 - office. Think of this as HQ where all of our devices reach. We've
00:07:15 - got a server, represent a server farm over here on the right,
00:07:19 - and we do have remote desktop access to all the clients, all
00:07:21 - the servers connected into Core Switch 1. Now Core Switch 1 obviously
00:07:26 - runs the campus, connects to these two edge routers, that IRO1
00:07:29 - and IRO2, which connects to our two different ISPS. We also have
00:07:33 - Core Switch 2, that's our redundant switch down here, bleeding
00:07:36 - into, it looks like, a client switch. So this is our client connectivity
00:07:40 - and a client test over here, which is going to be our end users
00:07:45 - that are connecting through Access Switch 1.
00:07:48 - Corporate office also has dual connections to branch routers.
00:07:52 - We've got CRO1 and CRO2, which connect to some kind of cloud.
00:07:57 - At this point, I believe it's frame relay. So we've got a framer-like
00:08:00 - cloud connecting to dual branch office routers. Now these are
00:08:04 - for the same branch office connecting into Branch Switch 1, which
00:08:07 - has Client 2 and Client 3. So this is our topology, and again,
00:08:12 - as we go through more of this, we're going to get more and more
00:08:14 - familiar with it. So we've got I guess you could say two major
00:08:17 - offices branch office and corporate office and dual ISP connectivity.
00:08:24 - All right. Well, that should give you an overview of where we're
00:08:26 - going. Are you ready? Let's get into it. Scenario 1 in switch
00:08:31 - troubleshooting. Here are the high points. ASW1 has failed. Junior
00:08:36 - colleague was asked to replace it. Now just a side note, any
00:08:40 - time in this TSHOOT lab experience or certification exam, any
00:08:46 - time you hear of a junior employee, something bad is about to
00:08:49 - happen. So enough said. So ASW1 is over here. It's in our corporate
00:08:53 - office. So it looks like that's a brand new switch based on the
00:08:56 - scenario. Next morning, report came in, ASW1 does not work. OK.
00:09:03 - Simple enough. That's all there is to the report. We've got Client
00:09:06 - 1. I'm guessing that's our reportee in the system. So users on
00:09:11 - Floor 1 fed by ASW1 are complaining about network access and
00:09:14 - they need it repaired ASAP. Of course. Everybody is Quadrant
00:09:18 - 1, right? Urgent, high priority. So what I'm going to do is I'm
00:09:23 - bringing up the lab environment on NIL. And the beauty is I just
00:09:28 - kind of click the devices and get access. I've already clicked
00:09:31 - because I wanted to have the log on already to Client 1 over
00:09:35 - here so I have a remote desktop session here. Now keep in mind,
00:09:38 - all of these are
00:09:41 - remote sessions from me until Silvonia
00:09:45 - where are you, NIL? I can't even pronounce your country name.
00:09:49 - It's horrible. It's a horrible statement for me. So there is
00:09:53 - a little delay. I mean I'm figuring isn't this amazing? As I
00:09:56 - click this button, the packets are traveling thousands of miles.
00:10:00 - So anyway, let's get on to our client. And first I'm going to
00:10:03 - do is get into a command prompt, do a ipconfig. That's
00:10:10 - always my first thing, to check the IP address. It looks like
00:10:12 - we've got by the way, the clients, and I read this in the documentation
00:10:16 - from NIL, they all have two network cards: a lab network card
00:10:20 - and management. Now management is behind the scenes. It's for
00:10:22 - the magic that NIL is doing, so don't even concern yourself with
00:10:25 - that IP address in these labs. We're looking at the lab. Imagine
00:10:29 - as if this client only had one network card and that was lab,
00:10:32 - and at that point, I would say that is bad because the client
00:10:36 - is not getting an IP address. A matter of fact, it's not even
00:10:38 - a good old 169.254. They must turn off that feature on the client.
00:10:42 - So we're not getting an IP address so DHCP is not working. So
00:10:45 - let's do this.
00:10:48 - Let's go to where we have a failure point, ASW1. Let's start
00:10:52 - there. Just kind of follow the flow, right? So I've got my session
00:10:57 - brought up here.
00:11:00 - Let's get in. So I'm going to do, and I'm telling you these are
00:11:04 - just my own habits and feel free to I should stop even talking.
00:11:09 - I'm just going to troubleshoot as if I was here, and if you have
00:11:14 - any questions, I'm sure I'll answer them. So I'm going to do
00:11:18 - a "show ip int brief." That's always the first command I type
00:11:21 - almost any device I get on because there is no other command
00:11:24 - in Cisco that gives you not only all the interfaces but all the
00:11:27 - interfaces in a very concise format as well as their status,
00:11:32 - both Layer 1, physical layer, and layer 2, the data link layer.
00:11:35 - So I'm looking here. And by the way, this is all you get. We
00:11:39 - don't have any diagrams with IP addresses, nothing with port
00:11:43 - numbers, nothing. We got to kind of discover this as we go. So
00:11:47 - I'm looking here. Let me get a little more because it looks like
00:11:50 - we've got some up interfaces. That's good. I'm going to do a
00:11:52 - "show interfaces status"
00:11:58 - because that's another, again, concise view of all the interfaces,
00:12:02 - and I get to see the descriptions. Now one thing that I can assure
00:12:05 - you, and this really helps as you're troubleshooting, the descriptions
00:12:09 - are accurate. NIL is not cruel enough nor is Cisco to start putting
00:12:13 - bad descriptions like that this actually connects to the PC and
00:12:16 - they put a description on there saying, "Oh, that's really the
00:12:20 - channel." So the descriptions are accurate. I guess what I'm
00:12:24 - looking for right now is what's up? My initial thought is I would
00:12:28 - see some down interfaces, which I see VLAN 128 is down. And I'm
00:12:33 - going to make an assumption there that VLAN 128 is the management
00:12:37 - VLAN. So let's do a quick "show VLAN." Let's take that one on
00:12:41 - first. It's probably unrelated to what we're doing here. I don't
00:12:45 - see VLAN 128, so that's a quick add. I'm going to go in and do
00:12:48 - "VLAN 128."
00:12:50 - Let's create that VLAN, name,
00:12:54 - management. Now look at that. We've got some fancy logging going
00:12:57 - on too. So we've got name and management.
00:13:01 - So that way, because if you have a VLAN interface, let me do,
00:13:05 - try "IP interface brief." If you have a VLAN interface and there
00:13:08 - is no associated VLAN that goes along with it, kind of you haven't
00:13:11 - created the Layer 2 VLAN, it's not going to come up.
00:13:16 - OK. So it looks like something happened here. We've got logging
00:13:20 - reengage. It looks like some logging is turned on. And as soon
00:13:23 - as that management interface went active, it's saying OK. Good.
00:13:26 - We're reconnecting to our logging server. It looks like a syslog
00:13:29 - server that is configured. So that was good. It's a good first
00:13:33 - step, get some management access back to this. And by the way,
00:13:35 - when you click on these devices on NIL, you get a console connection.
00:13:39 - So you can access them regardless of whether the device is up.
00:13:42 - So next piece I'm going to
00:13:47 - do is get my interfaces back in front of me again. I'm going
00:13:49 - to do a "show cdp neighbors." Again, I'm assuming CDP is running,
00:13:54 - and I'm not seeing anything here, so
00:13:59 - I'm stuck. I'm,
00:14:03 - like, "Wow, this went well." OK. So we're up. OK. Let's see what
00:14:06 - we know, right? We're up. We've got our interfaces showing connectivity.
00:14:11 - I'm not seeing any CDP neighbors, so let me do a "show run include
00:14:15 - CDP," make sure CDP is not turned off. OK. It looks like it's
00:14:18 - not enabled somewhere
00:14:23 - under some interface.
00:14:25 - Well, again, by the way, "no cdp run" turns it off on the whole
00:14:29 - switch. "No cdp enabled" just turns it off on an individual interface.
00:14:34 - Yes, there it is. OK. So that makes sense. So we've got a link
00:14:39 - to the client which is not having CDP enabled, so we should see,
00:14:43 - I'm guessing, if the other side is turned on, we should be seeing
00:14:46 - things via CDP. So OK. Here is my next step. If I'm at this point
00:14:52 - in the real world which this is very close to the real world;
00:14:55 - Jeremy is already confused I'm looking. I'm seeing the interface
00:14:59 - is up. I'm thinking it's connectivity. I'm going to start seeing
00:15:04 - what's going on. Let's do a "show interface status"
00:15:10 - and see what's oh, not "show ip interface status," "show interface
00:15:14 - status," and let's see what's connected to what and see some
00:15:19 - configurations. So I'm looking here. It looks like I've got some
00:15:22 - individual interface configs on Fa0/1, 0/2. And we've got Port
00:15:26 - Channel 1. So let me do a "show run interface
00:15:30 - port channel
00:15:33 - 1," po1. All right. So here is what I'm going to do. I'm going
00:15:38 - to grab one of my favorite utilities,
00:15:42 - Notepad++. Nice free utility. I'm just going to copy this so
00:15:48 - I can use it as reference as I'm jumping between the switches.
00:15:51 - Now if typically, if you don't have Notepad++ available, for
00:15:56 - instance, if you're on a certification exam, you just keep two
00:15:58 - windows open, kind of organize them side by side. The exam lets
00:16:01 - you do that. I'm just going to keep that there so I can flip
00:16:03 - back to it quickly. So let's focus first on the connection between
00:16:08 - ASW1 and CSW1. I'm going to come over here. I want to make sure
00:16:12 - CDP is enabled on CSW1 as well because obviously, I'm not going
00:16:17 - to see anything. So let's do CSW1,
00:16:23 - show IP interface brief.
00:16:27 - All right. A few more interfaces here. Wow, a lot more VLANs.
00:16:30 - So this is obviously a core switch doing a lot of routing. It
00:16:35 - looks like the interfaces are up for the most part. It looks
00:16:39 - like a 48-port switch with most of them unused. Again, and trust
00:16:42 - me, if the trouble tickets all take this long, we're in for a
00:16:46 - long ride on this series. But what I'm saying is right now, I'm
00:16:50 - getting familiar. You're getting familiar with this topology.
00:16:52 - We'll get used to where things are connected the more that we
00:16:55 - do. So let's do a "show interface status"
00:17:00 - so I can see what's connected to what.
00:17:04 - All right. So Fa0/11 and 0/12, it looks like our trunk to ASW1
00:17:10 - looks good. OK. So we're good there. Let
00:17:15 - me space down through this. OK. We got Channel to CSW2. So if
00:17:19 - these physical interfaces are channeled, that means there is
00:17:21 - going to be a port channel. So let's draw up then. There we go.
00:17:24 - Port Channel 1, let's do that, "show run interface po1."
00:17:30 - All right. So port channel 1, I'm just going to take this,
00:17:36 - paste it next to this guy. Let's kind of look at the two. OK.
00:17:39 - We've got the same allowed VLAN, same native VLAN. We've got
00:17:43 - trunking enabled.
00:17:45 - Oh, oh,
00:17:49 - whoa. That's not been used for a while, switchport trunk encapsulation
00:17:56 - isl. Nice. I don't even I don't even think the 2960, which is
00:18:02 - what our little ASW1 is, supports ISL encapsulation.
00:18:07 - That is pretty tricky. OK. That
00:18:11 - gives me a quick view of what's going on there. I'm going to
00:18:15 - do a "show run include CDP" to see if OK. It looks like it's
00:18:20 - turned off in a few places there. I don't see it turned off on
00:18:25 - the port channel and I don't see a "no cdp run" so it's running
00:18:27 - on this switch. So if it's not turned off on the port channel
00:18:32 - and it's running, then it should show up. So let's fix that error
00:18:37 - that we saw there. I'm going to go under interface port channel
00:18:40 - 1 and do a "switchboard trunk encapsulation
00:18:47 - dot1q." Let's get that switched over to a modern trunking language.
00:18:52 - OK. So we've got that executed. Did that fix anything? Let me
00:18:56 - shoot over to
00:18:58 - Access Switch 1.
00:19:00 - Oh, look at that. Life. Spanning-Tree PVSTSIM_FAIL blocking designated
00:19:06 - port. OK. Inconsistent VLAN. OK. Well, that's OK. That's OK.
00:19:10 - That's a problem but that's OK because now we have OK. We have
00:19:16 - some connectivity. The interface has been enabled. So I'm seeing
00:19:20 - CDP packets on there. So now it looks like there is another issue
00:19:24 - going on here, which is Spanning-Tree. But for now, you know
00:19:29 - what? Before I go any further, I'm going to check connectivity
00:19:32 - to CSW2, just make a little note for myself here. ASW1 Spanning-Tree
00:19:40 - issues to CSW1. So I don't
00:19:44 - forget about that. OK. So we've got ASW1 with connectivity now
00:19:49 - to CSW1. And before I go any further, that was pretty scandalous.
00:19:54 - What they did was they mismatched the trunk encapsulations. CSW1
00:19:59 - was using ISL, ASW1 using 802.1q. The reason, I'm guessing, they
00:20:04 - went with that little flaw in there was because the interface
00:20:07 - stays up. You still have connectivity. You still are up and up.
00:20:11 - You're not going to see the line protocol go down. So it looks
00:20:14 - like everything is working but you're not communicating because
00:20:16 - you're speaking different languages. So let's shoot over to CSW2
00:20:21 - because we're not getting connectivity to that guy either.
00:20:26 - All right. Default neighbor not on common subnet. OK. So we got
00:20:30 - something going on there. So let's do a "show cdp neighbors"
00:20:33 - on this guy. I just want to see what I'm seeing. All right. So
00:20:36 - it's C Switch 1. Who are you, not default
00:20:41 - neighbor? "Show ip interface brief." Let's see if we can find
00:20:47 - port I'm guessing if they stayed the same that this guy is going
00:20:51 - to have a port channel 1. Oh, notice that. He is completely down.
00:20:55 - So this is a totally different issue. It looks like as if it
00:20:57 - was a trunk mismatched, then we'd have up and up. So let's do
00:21:02 - "show interface port channel 1." Look at the config under there.
00:21:06 - OK. So it looks like they've got dot1q turned on, switchboard
00:21:10 - mode trunk.
00:21:13 - OK. So it looks like port channel 1 is good, and we just keep
00:21:20 - getting these errors. OK. So port channel 1
00:21:24 - configs look good, indiscernible. Let's do a "show
00:21:30 - interface status." Let's see what physical interfaces make up
00:21:35 - port channel 1.
00:21:37 - OK. So whoa. Look at that action. Suspended.
00:21:41 - No sup for you. So FastEthernet 0/11 and 0/12, "show run interface
00:21:48 - fa0/11 and /12."
00:21:53 - OK. OK. Now wait a sec. OK.
00:21:57 - Look at this. Port channel 1, they've got switchboard trunk allowed
00:22:03 - thank you, status message switchboard trunk allowed VLAN such
00:22:07 - and such, but on the physical interface, they don't have that.
00:22:10 - So here is the tip. If you do the "show interface status, you
00:22:13 - see suspended I got to turn off that auto scroll on SecureCRT.
00:22:18 - You see suspended right there. That typically is because a physical
00:22:22 - interface is not matching the configuration of the port channel.
00:22:25 - Good grief! They threw the whole kitchen sink at us on this first
00:22:29 - trouble ticket here. So let's go in. Let's go under fa0/11.
00:22:34 - And what I'm going to do is I'm going to make the configuration
00:22:37 - of fa0/11.
00:22:40 - I'm going to turn off the auto scroll. That's what I'm going
00:22:42 - to do on
00:22:44 - SecureCRT. I'm going to copy and paste this before it scrolls
00:22:48 - down on me again. There we go. OK. So I'm going to put switchboard
00:22:51 - trunk allowed VLAN on there. Look at that. Hey. Hey. Hey. You
00:22:58 - can't make this much noise when you're in the certification exam
00:23:00 - as you solve things, so we might as well while we're out here.
00:23:04 - Look at this, fa0/12
00:23:06 - still complaining, set it up a couple of times. Wham. We should
00:23:10 - see that bad boy come up. Look at that, changed up.
00:23:16 - Hmm? Hmm? Show cdp neighbors.
00:23:18 - CDP is such a handy thing. Yes, I don't see anything. But CDP
00:23:21 - has a 60-second timer so let's give them some time. Show interface
00:23:26 - status. Good. What we see is we've got FastEthernet 0/11. We're
00:23:35 - connected. We're good. FastEthernet 0/12. All right. All right.
00:23:39 - I've got to get my bearings. I'm sorry, guys. I'm jumping all
00:23:44 - over the place. OK. So where are we right now? We've got now
00:23:46 - connectivity going to ASW1. Let's shoot back over to ASW1 because
00:23:51 - I'm starting to get lost as to where I am. I'm solving problems
00:23:53 - but I'm, like, "Where? What problems am I solving?" OK. It looks
00:23:58 - like we're still getting this Spanning-Tree issue. We'll get
00:24:01 - to that next. Let's do a show CDP neighbors from ASW1's perspective.
00:24:05 - Sweet. OK. So ASW1, at least now, at the data link layer, we'll
00:24:10 - say, has connectivity to CSW1 and CSW2. Good. Good, good, good.
00:24:15 - So let me just put my thoughts together. OK. Let's figure out
00:24:20 - this Spanning-Tree deal, all right? So we've got blocking designated
00:24:23 - port channel 2
00:24:26 - superior BPDU claiming root such and such. All right. So let's
00:24:30 - do a show Spanning-Tree
00:24:33 - and see what's going on there.
00:24:36 - All right. So we've got, whoa,
00:24:39 - we've got, it looks like both of our port channels are blocked.
00:24:42 - Spanning-tree is blocking
00:24:44 - both of those guys
00:24:47 - because it looks like with this arrow. Let's do a show Spanning-Tree
00:24:50 - inconsistent ports.
00:24:56 - PVSTSIM inconsistent.
00:25:00 - PVST. PVST?
00:25:02 - We've got MSTP up here. That's not working. So what we're doing,
00:25:09 - it looks like somebody configured ASW1 for Multiple Spanning-Tree
00:25:13 - Protocol. Let's shoot over to CSW1 just because it's right here.
00:25:17 - Let me do a show Spanning-Tree.
00:25:21 - Yes. Yes. Yes, that's not Multiple Spanning-Tree. That's Rapid
00:25:25 - Spanning-Tree, my friend. We've got a mismatch in Spanning-Tree.
00:25:28 - That's your standard
00:25:31 - mismatch. Let's check out CSW1. I'm sure right some of you guys
00:25:35 - are, like, "Oh my word, is this whole series going to be like
00:25:37 - this?" I'm sorry. Once I'm in troubleshooting mode, I'm there.
00:25:40 - I'm there. I'm just, I'm kind of like, "OK, let's figure it out."
00:25:43 - Maybe this wasn't a great idea. Maybe it was. As long as you
00:25:47 - guys are following along, we'll see. We'll see how it all turns
00:25:50 - out. So we've got Rapid Spanning-Tree Protocol running on it.
00:25:53 - OK. So that's our issue right now, is we've got a wrong Spanning-Tree
00:25:57 - version running on ASW1. So let's do a show run include spanning-tree.
00:26:05 - Yep, right there. Spanning-Tree mode.
00:26:10 - It's not RST or MST. It's Rapid, Rapid PVST. Let's
00:26:16 - see if we get some happy messages. Look at that. Line protocol
00:26:21 - changed up.
00:26:24 - Logging started, reconnecting.
00:26:28 - Yes, my tone will go up every message I get. I guess it's not
00:26:31 - going to tell us we're happy. Let's just do a show Spanning-Tree.
00:26:34 - It always tells you when something is wrong, never when something
00:26:37 - is good. Good. OK. Now I know some of you might be looking, being,
00:26:41 - like, "Ok. Blocked. Well, that's not good." Well, this is good.
00:26:44 - Look at our topology. This is a redundant connection so obviously,
00:26:48 - one of these ports is going to have to get blocked because Spanning-Tree
00:26:51 - stops loops. So it looks like Spanning-Tree decided to block
00:26:54 - port channel 1, which is fine. It doesn't matter which one gets
00:26:58 - blocked, at least in this case, because this guy right here,
00:27:01 - port channel 2, is now active. So we've got root connectivity
00:27:05 - going through.
00:27:07 - Wow. I think we've solved a lot. Let's go back to the client.
00:27:15 - Let's do an ipconfig. Let's
00:27:19 - see if we get an IP address. I'm guessing DHCP should be running,
00:27:24 - right? Let's
00:27:28 - see. Hey. Look at that.
00:27:32 - TShoot? That's TSHOOT. I'm an idiot. TSHOOT.local is our domain.
00:27:38 - OK. So we've got an IP address. Let's see if we can ping the
00:27:41 - default gateway, 10.1.128.126.
00:27:47 - Ah, such a good feeling. Good. Good, good, good. So at this point,
00:27:52 - what I would say is save those configs. I would say at this point,
00:27:56 - connectivity issues are resolved. Now, granted, in the actual
00:28:00 - lab, they would have testing
00:28:03 - steps saying, "Do this, do that." But I would say I should add
00:28:07 - that. I should make sure I add that to the future scenarios,
00:28:10 - is how to know when something is fixed. Because at this point,
00:28:13 - I would say we have connectivity. We've got network access. Once
00:28:16 - those leases are renewed, we're good to go. ASW1 looks good.
00:28:19 - All of our ports are up and forwarding. I would say we have a
00:28:23 - successful solution.
00:28:26 - Now I'm sort of creating the plan for this as I go. I hope you
00:28:29 - don't mind. But what I'm planning on doing is once we reach the
00:28:33 - end of the entire group of scenarios, I want to look at the solution
00:28:38 - guide from NIL and kind of have a debrief to where we go through
00:28:41 - and say, "OK. Well, this is what we found. This is what NIL said
00:28:44 - we should have found," and kind of work through it there. So
00:28:46 - I will do that. That's what I'm planning on doing. But since
00:28:49 - we have only done scenario 1 at this point, let me just kind
00:28:51 - of debrief on what we found there. Some of the key facts that
00:28:56 - we noticed is 1) there was the trunking mismatch. So I'll just
00:29:00 - put mismatch
00:29:03 - isl/dot1q. And that's what allowed
00:29:10 - the interfaces to show up except there was no communication going
00:29:13 - across them. CDP wouldn't even show neighbors on that. So we
00:29:17 - resolve that and that brought up the connectivity to Course 1,
00:29:22 - I believe is what it was, and then we found the Spanning-Tree
00:29:25 - issues. STP was misconfigured and we had MSTP and RSTP
00:29:33 - mismatched to where the access switch was configured for Multiple
00:29:38 - Spanning-Tree and the course which is where it configured for
00:29:40 - Rapid Spanning-Tree. And that brought up connectivity for scenario
00:29:44 - 1, to where now, ASW1 is connected. It's able to communicate.
00:29:47 - The clients attached to ASW1 are connecting, able to communicate.
00:29:51 - So in the next Nugget, I'm going to pick up there and we're going
00:29:54 - to move into the guest access failure scenario. And once we reach
00:29:56 - the end of all of these, I'll do a big summary and kind of compare
00:30:00 - what we got versus what NIL said we should have gotten. So for
00:30:04 - now, I hope this has been informative for you, and I'd like to
00:30:06 - thank you for viewing.