Try our training for free.

Gain instant access to our entire IT training library for 1 week. Train anytime on your desktop, tablet, or mobile devices.

This Cisco video training with Jeremy Cioara covers troubleshooting Cisco networks, including topics such as IOS tools, VLANs and spanning trees, router performance issues, and more....
This Cisco video training with Jeremy Cioara covers troubleshooting Cisco networks, including topics such as IOS tools, VLANs and spanning trees, router performance issues, and more.

Related area of expertise:
  • Cisco networking level 2

Are you ready to run a Cisco network?  You will be, once you pass your TSHOOT exam. TSHOOT is the final step for earning Cisco's CCNP certification.  Employers trust that CCNP certified staff have the vital, problem-solving skills their network needs.

With tech guru Jeremy Cioara in the virtual chair next to you, you'll get the training you need super-fast, and you'll love every minute of it!  His TSHOOT video course is 80-90% hands-on, and Jeremy's filled it with tons of unscripted, real-world troubleshooting demonstrations.

By the time you're done watching, you'll be ready for the TSHOOT exam and actively troubleshooting your own network.
1. TSHOOT: Setting Your Expectations (16 min)
2. General TSHOOT: The Troubleshooting State of Mind (28 min)
3. General TSHOOT: Troubleshooting Before You're Treading Water - Proactive Steps (18 min)
4. General TSHOOT: Troubleshooting Before You're Treading Water - Proactive Steps, Part 2 (39 min)
5. General TSHOOT: IOS Tools to Monitor and Maintain the Network (27 min)
6. General TSHOOT: IOS Tools to Monitor and Maintain the Network, Part 2 (56 min)
7. Switch TSHOOT: VLANs and Spanning Tree Concept Review (19 min)
8. Switch TSHOOT: VLANs and Spanning Tree (30 min)
9. Switch TSHOOT: VLANs and Spanning Tree, Part 2 (28 min)
10. Switch TSHOOT: L3 Switching and Redundancy Protocols Concept Review (21 min)
11. Switch TSHOOT: L3 Switching and Redundancy Protocols (36 min)
12. Switch TSHOOT: L3 Switching and Redundancy Protocols, Part 2 (27 min)
13. Route TSHOOT: L3 Connectivity and EIGRP Concept Review (23 min)
14. Route TSHOOT: L3 Connectivity and EIGRP (48 min)
15. Route TSHOOT: L3 Connectivity and EIGRP, Part 2 (37 min)
16. Route TSHOOT: L3 Connectivity and EIGRP, Part 3 (19 min)
17. Route TSHOOT: OSPF and Route Redistribution Concept Review (23 min)
18. Route TSHOOT: OSPF and Route Redistribution (41 min)
19. Route TSHOOT: OSPF and Route Redistribution, Part 2 (29 min)
20. Route TSHOOT: BGP Concept Review (18 min)
21. Route TSHOOT: BGP (26 min)
22. Route TSHOOT: Router Performance Issues Concept Review (28 min)
23. Route TSHOOT: Router Performance Issues (43 min)
24. Security TSHOOT: Access List Concept Review (17 min)
25. Security TSHOOT: Access List Chaos (62 min)
26. IPv6 TSHOOT: IPv6 and IPv6 Routing Protocols (21 min)

TSHOOT: Setting Your Expectations

General TSHOOT: The Troubleshooting State of Mind

General TSHOOT: Troubleshooting Before You're Treading Water - Proactive Steps

General TSHOOT: Troubleshooting Before You're Treading Water - Proactive Steps, Part 2

General TSHOOT: IOS Tools to Monitor and Maintain the Network

General TSHOOT: IOS Tools to Monitor and Maintain the Network, Part 2

Switch TSHOOT: VLANs and Spanning Tree Concept Review

Switch TSHOOT: VLANs and Spanning Tree

Switch TSHOOT: VLANs and Spanning Tree, Part 2

Switch TSHOOT: L3 Switching and Redundancy Protocols Concept Review

Switch TSHOOT: L3 Switching and Redundancy Protocols

Switch TSHOOT: L3 Switching and Redundancy Protocols, Part 2

Route TSHOOT: L3 Connectivity and EIGRP Concept Review

Route TSHOOT: L3 Connectivity and EIGRP

Route TSHOOT: L3 Connectivity and EIGRP, Part 2

Route TSHOOT: L3 Connectivity and EIGRP, Part 3

Route TSHOOT: OSPF and Route Redistribution Concept Review

Route TSHOOT: OSPF and Route Redistribution


OSPF and Route Redistribution. Oh, I love OSPF. Laugh I am not supposed to say that because EIGRP is Cisco's protocol, right? Of course it is. However once you really get OSPF it's in...and this is the way I describe it... because I get asked this question all the time...they say...people...people


will ask me... there you go. So..., Jeremy, what's better? OSPF or EIGRP? And, you know, I look at them and I say, "well, without a doubt, EIGRP is the best routing protocol on the planet simply because Cisco created it and after we get done laughing for a little bit, I say, no seriously, EIGRP is awesome, provides features OSPF can't do. For instance, summarization anywhere just based


on the interface, you've got unequal load cost balancing. You've got the dual algorithm which allows you to move much faster than OSPF. And, and then if people say "well...if you've got a Cisco only environment, then why would you choose to run OSPF, because a lot of people are doing it". And I say: "honestly, I mean,


there's a lot of factors that can go into that. I mean, I mean...let me first say that...but, OPSF, once you get it, it's just cool. You know, you, you, you get into it and you're going "this protocol is awesome. I... why, because it takes so much stuff to figure it out to do it right. So much designing...ok, this area is over here. How does


it, how does that work, you know. OK, virtual links, I mean. It's so rich with complexity that once you get it, it's cool. Best way I can compare it. Subnetting. Right? When you, when you didn't get subnetting, you are kind of like "that is horrific. Why would I ever do subnetting. You


know, I've got subnetting calculators; I never want to do subnetting. But once you got it...assuming you got're like "Subnetting is awesome." Right? The first...the first job that you went after, after that, you, you subnetted them "Hi, what happened?


Every use of VLAN is like a /28 and you've segmented in, you created this massive subnetting just because.... I got it, and it's awesome and I want to work with binary and all that. It's always feels the same way, right? So nonetheless, I digress an OSPF, and it's wonders. Four scenarios based around OSPF and


Route Redistribution. There is some EIGRPness in these puzzles. We've got, 1, 2, 3, which...what I want to do is, again, I haven't looked at any of the solutions or anything like that. But just looking at the scenarios: scenario 1, 2 and 3 are so closely related, I wanted to walk through them with you and then, work on them one by one, but with the knowledge of them all together.


That didn't make any sense, right? So laugh, I just want to read them with you before we get started because what I want to keep in my mind is "what's going on with client 3? What's going on with client 1?" Because as we start solving client 2, I have a feeling we are going to run in some of the issues client 1 and 3 are experiencing as well. So, I just want to have those in the back of our minds as we are doing this. Say, OK, maybe


we can solve some of those puzzles as we work through, for instance, scenario 1.. And then scenario 4, we've got OSPF authentication failure, which is something that's unrelated to the first three. So I just kind of camp on that one and once we get there, we get there. I think one of the reasons


I get so excited about OSPF...and it is, it is specific to this set of nuggets, is because of this. Now, I know it's not pretty but this is the network modifications that were made for this next series of trouble tickets that we are now going to troubleshoot.


And, when I was doing this, I was having flashbacks, I was, I was just thinking...oh, my goodness, this is, this is just like the CCIE. It was like... As I was drawing it with my pen, I was, I was almost transported back to taking that CCIA exam with my scratch paper going..."OK, here he is. They want me to do what?


They want me to redistribute between...huh?...why would I ever do that, you know? I wouldn't do that", and then, arguing with myself on how crazy this CCIA level exam is. And then of course Cisco saying that they revised the CCMP to really prepare people for the CCIA, I saw this and I thought "oh, it's true; they did it", Laugh, and that's what they are doing. Now, this series of


trouble tickets, unlike the others, is a little different. Because, it starts off with a series of facts, like a scenario to begin these scenarios...meaning: up to know, the trouble tickets have been kind of I don't want to say is self-contained because they could affect each other but essentially, the scenario and the trouble ticket is presented to you all within the trouble ticket. Here, they gonna say: "OK, here is what's happened and


now, based on what's happened, let's do some troubleshooting. So let me...let me read through and I'll bring up the general facts. I have an all other slide but I just wanted to keep it right here in the lab topology while I talk through this so I can draw and point at things. So, the company, this company that


you work for is moving from EIGRP to OSPF in two phases. Phase 1, they are going to migrate the headquarters. So this group of devices over here, you know, that HQ, where OSPF Area 0 lands, is going to is going to inhabit OSPF. Phase 2 will be to migrate all the branch offices. And then again, the scenario implies that this branch office is just one of many. It just happens to be the first branch office they


started to move over to EIG... Oh sorry to OSPF. So, today is Saturday. As you walk into this scenario. Engineering has been busy changing protocols. Essentially, phase 1, which is migrating the headquarters, is done. They...they've got that done, split into the different areas. Phase 2 is beginning. And you, the protocol senior engineer, are available to troubleshoot and verify their operation. So essentially, you're sitting here


on staff, on Saturday, in order to decide which direction they want to go. Now, the company has made a decision, that, when you reach Sunday, you either need to make the decision to continue to move forward with OSPF or to roll back to EIGRP, saying "you know, this don't work out. Let's stay with EIGRP


and all of that". So, so, this, it's, it's you know, an active migration. You're in the midst of it right now. The current branch office is a test site for how the future branch offices will work. And, if you imagine with me, you know, imagine other CRO


route or maybe these CRO routers connected to other branch office out here...that are currently on EIGRP. What they are doing, they are using this branch office to test redistribution, to say, "OK, can we have EIGRP redistribute into OSPF and everything still work OK or, is it not going to work out?" EIGRP, now pardon me, OK -. So what they have, they've split this branch office.


They've got some VLANs, and specifically VLAN 16 and 17 I just put 17 here because that's what our client is on and that's what we use for troubleshooting. Some VLANs are using BRO1 as a default gateway which means as part of the EIGRP-side of things. Other


VLANs which include 18, 19 and 128 these guys have been made a part of OSPF Area 11 and are using BRO2 as a default gateway. So I only documented VLAN 18 because and that's why client 3 is going to be a member of and we'll use him for testing. So, that's the puzzle that we are putting together, pieces of the puzzle that are active in this scenario. So now, here we are,


it's Saturday, we get our first call. Scenario 1: After the OSPF/EIGRP/ redistribution implementation, Client 2 that's this guy out here cannot ping Server 1 that means this guy out here. Attempts to browse to http://isp3.tshoot.local also fail. OK. Well, I am just brainstorming right now, already


thinking through some of the possibilities. Obviously, if this is a DNS name, I am assuming, Server 1 is the DNS server. So we can't even venture into resolving host names until the connection to Server 1 is repaired. So let's look at that guy first. It says Client 2 uses BRO1 as its default gateway which is good. That tells us that's in the EIGRP domain which is probably doing some redistribution action with OSPF and vice versa. So our job is to diagnose and resolve the problem,


if possible. Of course it's possible! We are Cisco's superstars! So, I think the best place to start with this scenario is gonna be over on Client 2. Let's just start there. I opened an RDP connection too and beforehand so that I have it ready. So here is Client


2. Then I go "open a command prompt". And let's do an "ipconfig". Ok, good. That tells us he is getting an IP address, which is a good sign. Let's just ping his default gateway and make sure we are getting there as well...60.65. OK, that's good. It's a good start....Let's.... laugh


You know what? With some of the previous scenarios, I am not taking the risk. Let's just ping straight through the Server 1 and see if that works. Bring Server 1 in the picture because I need his IP address. I got you. Captured. Let's go back over. Ping...laugh...I don't want to get too far down the road to troubleshooting


when it really does work. OK. Oh...ok. So we just ping this server IP address but notice I don't know if you've gone through this experience before but most of the time when you ping something, you get "Request timed out. Request timed out. Request timed


out." Then the reason that that happens is because, usually, the router that's in front of you thinks it knows how to get there. This is a little different. In this case, the router in front of you, meaning who is that BRO1 does not know how to get there because there is only two kinds of messages that can be returned: one is going to be the typical well I won't even say it's returned is the...I just put Request dot T Request Timed


Out. The second is an ICMP I changed to a nice fatty marker here so I could draw lines through this and you are able to see it. So that's why my writing is so big here but ICMP unreachable, how do you spell it... unreach... Now here is the scoop coughing


Excuse me. Typically, when you try to access a destination, it will go to your default gateway. Your gateway looks: oh, I've got a default router, and sends it on. Let's say somewhere down the line, let's say CRO1, doesn't know how to get to Server 1, well, if he drops the packets, what is going to do is send an ICMP Unreachable message to BRO1 saying "I don't know how to get there", but BRO1 never forwards those back, which is why in most situations, Client 2 will see Request timed out, Request Timed out. And it kind of hangs there while, you know what I


am talking about, on that command prompt. It kind of hangs there. So in this case, it's not it's not doing that. It's coming right back saying "destination host unreachable". And you know what that tells me? That tells me BRO1 doesn't know how to get there. So the packet is getting right


here. BRO1 is like "I don't know how to get there". So he returns the message directly to Client 2 of ICMP Unreachable and that's where we get the destination message "unreachable". That's the whole key with these guys. They only go one router hop. So if


you are any further than the router right in front of you, you are always going to see Request Timed Out. However, we're kind of lucky with this case because it points the finger immediately right at BRO1. Let's go there. Now, bring our back at the picture here


...I was just using a Cisco IP communicator. I set up a little voice over IT lab, made a phone call to a friend of mine and, just for fun, I actually used Wireshark to capture the RTP packets of the phone call. And did you know you can actually use Wireshark and reassemble


the whole conversation into an Au-file which you can convert to a WAY file. It's pretty cool. This is what I was doing this afternoon. It was fun. So, BRO1. Back to our Client who is offline we shouldn't talk about such things when Client 2 is offline . So, back to BRO1. Resize this connection. Let's go here and just do


a do some of that... IP address on a clip board? Yeah. Let's do a ping, a ping right there. Yeah, we are not getting there. Let's do a show IP route and see if there is anything in the routing table. That routing table has...We've got we've got some D route. Now looking


back at our diagram, we've got IEGRP running in this small area of the network and then everything else is OSPF. Now, if redistribution really was set up the way that they said it should be, we should see a whole bunch of external routes 'cause EIGRP has the ability to mark things as outside of the EIGRP domain. Look at that:


right there! External. So it should say D EX which lets you know it's from outside. So something is not right with redistribution. I'm guessing these few routes are probably just like -f you look at them, they are all /30s. They are just probably in our EIGRP system. So, we've got an issue with redistribution. So let's see


who's...Let's go to CRO1, he is a border router. In OSPF's terms, he is an area border router. So he would be doing the redistribution from OSPF to EIGRP. So could this guy. But let's, let's just start with CRO1 and begin there. Where is my Firefox? There we go. Bring CRO1 into the scene... Hello CRO1....Oh right, so let's see, if he can ping. Can you get there my friend? laugh I can't ping 52. I must have highlighted something on the clipboard.


This...Right there...- Ping that guy. Ok, ok good. So CRO1 is getting there. So, there is definitely a redistribution problem. Let's do a "show run section router eigrp". OK. I am seeing redistribute OSPF 100. So I'm going also do a "show run section router ospf" and see his scenario. It should be OK. It looks like this guy is doing


two-way redistribution. OK. Wait a sec. Hang on. Hang on. That's not enough. If you just type in "Redistribute ospf 100", EIGRP, as a matter of fact jumps back here. EIGRP does not have a default metric for routes. Both RIP and EIGRP failed the default metric test. So if I redistribute


OSPF into EIGRP just like they are doing here, but I don't specify a metric, then they are going to come in with an infinite metric. I'll just put, you know, infinity.... So, the first router to get them is going to say those are invalid routes; so, I am not going to take them. I am just going to try that. Let's see if


that solves anything. Now, I am looking the other way and they are doing the same thing here. But OSPF does have a default metric. I think it is 25, just nice random number. So we don't have to specify with OSPF but with EIGRP, we definitely do. That's a


problem. So let's try that and just see if that makes any, any boats rock. What does that mean? Alright. So let's do a metric laugh. So when you specific the metric for EIGRP, it's like, hum...let's roll the dice... how about 1500? How about 0? How about 200? How about? Usually, I just do 10, 10, 10, 10, all the way across but, for fun, we'll change it up. You have to specify


all these even though EIGRP only uses bandwidth with delay by default for the metric. This is one of the disadvantages of doing redistribution is you totally lose the accuracy of your metrics. So, OK, we've got that done now. Now let me just do a "show run router


eigrp". OK, we are specifying metrics. Let's, let's go back. Let's go to BRO1 again. this guy. Here we go -. Let's do a "show ip route" now. Hey, there we go! That's what I'm talking about. We've got external routes, coming in left, and right. Good. Good, good,


good, good, good. OK. OK. So, OK. So first off, we are missing a metric on redistribution router. So now, I am just, I'm curious. Let's do a ping again. So let's a ping...- why can't I remember this guy's IP address? There it is: Hey, look at that! OK. Well let's see if that did it then. Let's go back over to our client, right here, and


if the... OK...Puzzle number 2. What have we got here? We've got now Request timed out. So again, and we just verified that our router BRO1 can indeed. It's getting all the way there. And we know that Client 2 is getting to BRO1, but Client 2 can't get all the way there. So, you know what this tells me? This tells me, this tells me that Server 1 is not able to get back because again, we just verified: BRO1 can ping Server 1. Client 2 can ping that, so, so, again, Server 1 must be missing this subnet, or not able to reach that subnet from...from there. So


let's...See, where to begin with that one? Let's...Let's start from his closest router. Let's go to CSW1. We know that CSW1, right here, is going to be his default gateway. And that... and we know that it can reach the outside interface of BRO1, just not this VLAN for whatever reason. So let's go over


there. Take a road trip with me to CSW1. I wish SecureCRT would just open the right size every time...There we go. laugh I know someone out there just thought "I know how you can fix that". Yeah...I know. laugh Some global setting somewhere. But who has, who has the time? Who has the


time... so, let's do a "show ip route" here. So, well I guess, let's... So he's getting some intra area route. But you know, I don't see any external routes on...on CSW1. Again, OSPF should show external routes as well if redistribution is indeed happening. It should be E1 or E2, right here... depending on the kind of redistribution. So something's


up with the redistribution on CRO1. Let's go there again. CRO, CRO, CRO, CRO, CRO, CRO...Here we are. CRO1. Let's do a "show run"... because we had the router OSPF. OK. So what's going on? Let's see. Redistribute EIGRP 1. Why does that look short to me? Now, OSPF does have a default metric. So I know


it's not that. But, let's just, hang on, let's just do a "redistribute eigrp 1" which is our autonomous system. Do a question mark. Metric. I wonder if we should set up a metric for greens. I forgot all about that guy. That's not good. Subnets, subnets, subnets. So the subnets


will allow you to redistribute the subnets otherwise OSPF will do automatic redis... oh what am I saying? Automatic summarization to where, if you don't specify subnets, OSPF is going to try and send the entire Class A network of 10 which in this case isn't gonna happen because we've got all these subnets of tens of 000. So these guys will reject that router and are going to say "No, we don't believe you." Now that you have that... Hang on, let's try that. I am


going to redistribute EIGRP1. Let's add subnets on there. Subnets. Now, it's not specifying a metric yet. See if that does anything. OK, so the key word is on there. Let's go over to CSW2. Take that road trip. No, CSW1. Or layer 3 switch. "Switch show ip route" now. Come on! Give me something. There! Oh! Look at that! We've got an external, external type 2 route. Hey, Hey? Why am I saying hey? It's like a Canadian, a Canadian hey? OK, OK good. So...Hang


on...Hold the phone. Hey...Look at that! I love it! I love it when that works. OK. So... OK, so that's it. No, no, that's not it; that is not it. We still have this half of the puzzle. "Attempts to browse isp3.tshoot also fail. So maybe now that the DNS is resolved or, I should say


the connection to ISP1 is resolved... as a matter of fact, I don't even know. I don't even know... wrong one there if the Server 1 is being used. OK, it is, it is the DNS server. So now that that's resolved, let's ping isp3.tshoot.local. See, I am so insecure, I'm into security, I am thinking IPS sensors. OK, OK.


We are unreachable again. So this means that, well it means that BRO1 doesn't know how to get to ISP3. And BRO1 probably doesn't know how to get there I am guessing. If I remember that routing table, I don't think BRO1 where is it?...No...There we go I don't think BRO1 had default route. Did he?...Scroll down. Gateway of last resort is not set...I


am just scrolling down to the bottom. We've got nothing! Alright. So...So we need a default route. And my thought is that they don't want us to statically put a router. Now, they didn't say it in the lab. But I am assuming they would not want that. They


would want these ISP gateways to originate a default route into the system. So, let's go there. Start with IRO2 because it is closer to Client 2 and it has a 2 in its name. Alright, let's do a "show ip route". Let's see if that guy knows how to get there. He does have a static


route. Now OSPF. In order to get OSPF to inject... well, where is his routes?...he's only got two OSPF routes. Is that good? Let's find out. Router OSPF. Oh right laugh. Meanwhile, while we are obviously on a 2600 series router, Ok, there we go. So we've got, let's see...Area


100. So, OK. So, we're running this. Nope, no passive interface. That one 129. Let's just do a "show sleepy neighbors"...OK, so he's connecting to CSW2 on FastEthernet 0/ 129. I am assuming that that's his DNS interface. He's getting some routes. Let's


check out...see what we've got. These guys are in OSPF Area 100, right? Let me see that again. So this 's Area 100. That's accurate. We're good. We're forming neighbors right? "Show ip OSPF neighbor". OK. We've got our default information originate. So why? Let's see if this command should


be sending the default route into the system. Now you can throw it all in there. But that's only necessary if you don't have a default route yourself. Passive interface...I am just trying to put the pieces of the puzzle together. Let's go to over to CSW2 because IRO2 is forming a relationship with him. See if he has a default route. Now, I don't know why I just did that. "Show


IP route", show sleepy neighbor, show IP route. We've got nothing. Why no default route? Gateway of last resort is not set. He's forming a relationship. How would he not send a default route? OK, let me just talk through this. What do we know? We know IRO2 does have a default route to the Ethernet which I, I didn't verify that but he has a default route in his table.


Let's start there. We know he has a default route. We know he has a relationship with CSW2, right? because that was the only router he could possibly form a relationship with. Let's see. Who is that? 192 dot 19. Check that.1...119...92 where are we at? 92 dot 13, is that what I said? No, 19, 19. Who's that neighbor relationship with? 220 dot 3, 10 dot 1 dot 192 dot 19. Who are you talking to? 192? No. 192 19? Have you seen it? But CDP is showing the only thing he sees via CDP is CSW2 and FAS Ethernet 0. Going into FAS Ethernet 2. Hang on, hang with me here for a second. I am going to do a show VLAN. Just see


what, well it won't show up. "Show run interface FA0/ 2". OK. So native VLAN is 1000. Allowed VLAN 12 and 129. 12 and 129? That sounds right because he is running no passive interface. Let's take a look at that interface: "show run interface". Paste. What have we got? We've got


transit, nat inside, dot 20. So this is VLAN 129. So may be am I just missing it? Hang on. VLAN 129. Oh, did I just not see that? 192 dot 19, 192 dot 18. I didn't think of the HSRP. "Show run interface VLAN129". No, you're right, scratch that. It's where is dot 19? Is that CSW1? Did they form a relationship over there even though it doesn't show up via CDP? It's kind of bizarre, guys. Let's see. Well, thank you very much. Oh wait, I already


have a connection to him somewhere down on the list. There we go. No, he is not getting a default gateway, so let me just do a "show ip interface brief include VLAN 129". Yeah, that was a long shot laugh. Let's get the syntax in capitalization just right. VLAN, OK, no


space. VLAN 129. 17. Where is dot 19 coming from? I am just trying to find out who this neighbor is that he is seeing in his table. Again, CRO, what we've got. BRO. Let's do this. Let's go to IRO2 laugh. I've got to name these windows. I just flip them around constantly. Let's do a "show


cdp neighbor detail". Who are you talking about? So here seems to be one. So 18. But he's forming a relationship with 19.Ping 19. Ping 18. Are these different people? Oh, OK. Ping 18. So let's do a "show arp". So look at that. We've got a mystery router. laugh. So dot 19 is coming from somewhere. But we don't know where. But that's OK; Maybe it's the ISP. Maybe


it's...who knows! Who knows what that is. But for now, let's do this. Let's work on getting, if we need to... Let's figure this out. Let's do a "CSW2 show run section router ospf". Cisco upgrader switches. Alright. So.... Not include. Begin with. Alright. So, let's see. Router OSPF. We've


got no path; So ok, it's running on there. 192 dot 9? Dot 18? Dot 18. Ok, this is good. We are forming in Area 100. What's the scoop? "Show ip OSPF neighbors". OK, so we're seeing somebody on VLAN 99, or VLAN 129 dot 17. And that is IRO2, right? No, he's dot 20. He's dot 20? This is impossible. We have a mystery device. Hang on, hang on. Let's do a lot of logging here. So we've got


IRO2: he's dot 20, right? CSW1, he's dot 18. CSW... who's this guy? CSW1. He is... did I say 1 or 2 before? He's dot 17. Dot 17 on VLAN 129. So we have a relationship between 20 and who? The problem..; 19, right? Is that 19? Show. And we're forming a relationship with dot 19. And they happen to be the BDR. Whoever


router IDed that. "Show ip ospf database". Ok, just looking at which ones are who. OK. So this is the mysterious dot 1...Is it not IRO1? We form a relationship with IRO1? Hang on. Again, this is where that spreadsheet would come in handy. Alright, so let's do "show


ip"...He's the only one I can think of that would be in that VLAN. OK. OK, so we're forming a relationship with him. So he is the missing piece, he's the missing link. Dot 19 is right there. So these guys have formed a relationship apparently. But, let's hang on. Let's look


at him: "show ip ospf neighbor" but they are not forming a relationship with the layer 3 switches. Why would that be? So let's, ok, now we're going places. Let's look at IRO1: "show run section router ospf". And meanwhile, let's also look at CSW2. I'm just going to look through this line by line. So we've got


no passive interface. So this is good. And it's definitely forming relationship on here. It's just ignoring... Hang on. What would cause it to ignore those relationships? May be if... no, that's Area 1. Area 1 authentication message-digest. So that's no worries. So


VLAN 129. So: "show run interface VLAN 129". Nothing special under there. "248". I'm just kind of doing a comparison between the two. No passive interface. "Show run interface FA0/0.129". So same. Oh, why did they do that? Why would you do that? Why would you do something like that? OK. Is that the


same way? "Show run interface FA0/0.129". Look at this! How did I not see that? Did I just miss that before? OK. Default Hello timers on OSPF are 10 seconds. And I did not see. Actually I know there was no modification on the hello times on OSPF on these guys. So these guys are forming


relationships. These guys are just doing a 5 second hello timer. So they're forming relationships; So you know, I like the 5 second Hello timer better. I bet you, watch this: let's go for him. "Interface VLAN 129 ip ospf, hello-interval 5". "Dead interval 15". Meanwhile, new neighbor. Won't you be my neighbor? Where are we at? Where're we at? Where are we at? Come on...laugh Trying to find the right window. No. OK,


there we go. Let's go "interface VLAN"...let's just do "run interface VLAN 129". Make sure this guy is the same. That's what I thought. "Interface VLAN 129". IP OSPF, I should have documented those IP addresses long ago; I would have easily seen that. "15"...Change that to "dead". Alright. So change those OK. We've got new neighbors.


Hello neighbor! Hello neighbor. Alright. New neighbors, 3 new neighbors. As we would hope them to be. Now, let's go back and do a "show ip route". See, now we are getting that default route that is been sent in via OSPF. Good. Load balanced between the two IRO routers. So this is good. We've


got that coming through now. Let's go back over to the original. BRO1. Let's do a "show ip route" on him. And look, he now has a default gateway, right there. It's probably being redistributed but that's OK. Yes, external route. OK. So where were we? Let's


now... I'm just going to go for gold here. Let's see if we can oups, dragging the wrong window see if we can ping this now. Man! Why do you not work? laugh Oh, you work! Yes, I love it! I love it! I am so glad 'cause totally by instinct, I would just press Control, see right there and troubleshoot my brains out. I'm so glad I


took the moment away. Sometimes, the first thing fails simply of ARPA timed out, or whatever. Who knows why, but... Awesome. OK, that was good. Good scenario. So we've got now Server 1 ping able to reach isp3.tshoot.local, again, it saying browse but if I can ping it. I guess we can try and browse. It's just...if that


doesn't work, we can just turn it over to the application guys. Because if I can ping it, my job here is done! And because I am on a virtual machine that's running with a 386 processor. Alright, so.., come on, come can get there. http://isp3.tshoot.local. Beautiful! Welcome to the server in the Internet. laugh Thank you Nil. OK. So good. We are good with


scenario one. Good grief, that took a little while. But that's alright. That was good. That was a lot of good stuff in there. Let's do a little debrief. What we've seen here is we have seen the Client 2 access failure with first off, an issue with redistribution to where we did not specify a seed metric for OSPF and EIGRP.


So EIGRP routes come in with that default metric of infinity and so, are not accepted by the internal routers. Likewise, we did not add that subnets keyword, the other direction. So the OSPF router rejected the IEGRP summarized up because it said again, you are conflicting with a lot of my subnet mass coming in. IEGRP routes were not seen and so that resolves at least


the one server connectivity issue. The Internet connectivity though was an interesting one because, again, just looking at the neighbor relationships forming, they shouldn't have been that way and there were mysterious IP addresses. But once we diagrammed it all out, we saw that the CSW switches were using different timers than the IRO routers. So, once we adjusted the timer, everybody formed


a nice happy family relationship and our Internet access was restored. Now, I am wondering... I am wondering if this is gonna bleed through some of our other tickets because I know some of the other tickets were, you know, I can't access the internet and things like that. But we'll see. We may have solved other

Route TSHOOT: OSPF and Route Redistribution, Part 2

Route TSHOOT: BGP Concept Review


Route TSHOOT: Router Performance Issues Concept Review

Route TSHOOT: Router Performance Issues

Security TSHOOT: Access List Concept Review

Security TSHOOT: Access List Chaos

IPv6 TSHOOT: IPv6 and IPv6 Routing Protocols

Please help us improve by sharing your feedback on training courses and videos. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Intermediate 13 hrs 26 videos


Basic Plan Features

Speed Control
Included in this course
Play videos at a faster or slower pace.

Included in this course
Pick up where you left off watching a video.

Included in this course
Jot down information to refer back to at a later time.

Closed Captions
Included in this course
Follow what the trainers are saying with ease.

Files/materials that supplement the video training

Premium Plan Features

Practice Exams
These practice tests help you review your knowledge and prepare you for exams.

Virtual Lab
Use a virtual environment to reinforce what you are learning and get hands-on experience.

Offline Training
Included in this course
Our mobile apps offer the ability to download videos and train anytime, anywhere offline.

Accountability Coaching
Included in this course
Develop and maintain a study plan with assistance from coaches.
Jeremy Cioara
Nugget trainer since 2003