1
00:00:09,650 --> 00:00:16,309
This is one of multiple videos that demonstrate troubleshooting scenarios in campus environments.

2
00:00:16,480 --> 00:00:23,510
In this typology I have four switches configured switch one and switch to switches switch three and

3
00:00:23,510 --> 00:00:26,060
switch 4 are access switches.

4
00:00:26,330 --> 00:00:32,250
Now to keep the topology simple I haven't got cross-connects configured here or

5
00:00:32,390 --> 00:00:40,130
additional access switches. In my CCNA course, I show you a larger topology but for this troubleshooting

6
00:00:40,160 --> 00:00:42,430
video we'll keep it simple.

7
00:00:42,470 --> 00:00:50,750
We've been told that PC 1 in this network is not able to ping PC 2 in this topology I'm using routers to simulate

8
00:00:50,780 --> 00:00:51,810
PCs.

9
00:00:51,810 --> 00:01:04,980
So let's test that, can router 1 or PC 1 ping 10 132?

10
00:01:05,050 --> 00:01:07,650
So it looks like the pings are failing.

11
00:01:09,830 --> 00:01:18,950
PC 1 is in VLAN 2 and PC 2 is in VLAN 3, show IP route routing is disabled on this router

12
00:01:19,010 --> 00:01:24,660
but it does have a default gateway of 10.1.2.254.

13
00:01:24,700 --> 00:01:32,460
So we should be able to ping this default gateway, so ping 10.1.2.254.

14
00:01:32,920 --> 00:01:33,610
Yes, we can.

15
00:01:33,610 --> 00:01:36,340
Can we ping VLAN 3 on the default gateway?

16
00:01:36,340 --> 00:01:37,470
Yes, we can.

17
00:01:37,780 --> 00:01:42,850
So PC 1 can get to the default gateway.

18
00:01:42,850 --> 00:01:50,450
What about PC 2? See here's router 2 acting as PC 2, show IP interface brief.

19
00:01:50,800 --> 00:01:58,670
We have 10.1.3.2 configured show IP route default gateways 10.1.3.

20
00:01:58,670 --> 00:01:59,910
254.

21
00:02:00,070 --> 00:02:04,360
So can we ping that default gateway?

22
00:02:04,550 --> 00:02:07,180
Looks like we can't.

23
00:02:07,190 --> 00:02:13,800
So there seems to be a problem somewhere between PC 2 and switch 1.

24
00:02:14,240 --> 00:02:19,730
Let's check on switch 4 connected to PC 2.

25
00:02:19,810 --> 00:02:26,730
So this is switch 4 show IP interface brief.

26
00:02:26,920 --> 00:02:33,200
It's got an IP address of 10 114 ping 10.1.1.254

27
00:02:33,550 --> 00:02:35,070
that works.

28
00:02:35,200 --> 00:02:38,340
That is the default gateway of the switch.

29
00:02:38,620 --> 00:02:45,260
So the switch can ping it's default gateway can it ping 10.1.3.254?

30
00:02:45,460 --> 00:02:46,960
Yes, it can.

31
00:02:46,960 --> 00:02:53,930
So we've established that there's basic connectivity between this switch and the default gateway.

32
00:02:53,950 --> 00:02:57,220
Let's have a look at our trunks, so show interface trunk

33
00:02:59,830 --> 00:03:11,970
trunking is enabled on gigabit 00 that's the interface between switch 4 and switch 2 show CDP neighbors.

34
00:03:12,080 --> 00:03:18,030
We have a relationship to switch to but we've already proven that that works by being able to ping the

35
00:03:18,030 --> 00:03:28,950
default gateway VLANs are allowed across the trunk. Now can you spot a problem already in this topology?

36
00:03:29,040 --> 00:03:33,000
What's the problem based on that single command?

37
00:03:33,090 --> 00:03:37,190
Something's wrong, notice gigabit 

38
00:03:37,380 --> 00:03:41,980
00 is a trunk but it's only allowing villans 1 to 2 and 4

39
00:03:42,330 --> 00:03:45,410
but the PCs in VLAN 3.

40
00:03:45,410 --> 00:03:50,340
So let's have a look at the configuration of this gigabit interface.

41
00:03:50,340 --> 00:03:56,310
This interface is configured for trunking and we're not restricting any VLANs but we're only permitting

42
00:03:56,310 --> 00:04:08,010
VLANs 1 to 2 and 4 across the trunk show interface gigabit 01 switch port.

43
00:04:08,020 --> 00:04:09,750
What's wrong here?

44
00:04:10,120 --> 00:04:16,250
Can you spot the problem? We're looking at the output of this interface on this switch.

45
00:04:17,029 --> 00:04:17,940
What's wrong?

46
00:04:19,350 --> 00:04:20,730
Port is enabled

47
00:04:20,910 --> 00:04:29,370
It's set as static access it's configured to use access of helium 3 but notice this key word something's

48
00:04:29,370 --> 00:04:30,510
wrong.

49
00:04:30,510 --> 00:04:34,260
Show run interface gigabit 01.

50
00:04:34,260 --> 00:04:42,960
So the port is correctly configured to be in VLAN 3 but show VLAN brief will show us that there's

51
00:04:42,990 --> 00:04:44,280
a problem.

52
00:04:44,280 --> 00:04:45,710
Can you see the issue?

53
00:04:46,860 --> 00:04:50,580
Where is VLAN 3?

54
00:04:50,640 --> 00:04:52,100
So be careful.

55
00:04:52,320 --> 00:04:58,630
You can have a port configured in a VLAN and not have that VLAN in the VLAN database.

56
00:04:58,680 --> 00:05:03,100
If that's true the port is essentially error disabled it won't work.

57
00:05:03,150 --> 00:05:09,070
No traffic is gonna be sent through that port because it belongs to a rogue VLAN.

58
00:05:09,120 --> 00:05:11,430
This is often the case when VTP is used.

59
00:05:11,430 --> 00:05:19,680
If you delete a VLAN on another switch that update is propagated to other switches in the topology, VTP 

60
00:05:19,800 --> 00:05:25,450
removes the VLAN from the VLAN database but doesn't take the port out of the VLAN.

61
00:05:25,470 --> 00:05:31,950
This port is manually configured to be part of VLAN 3 but VLAN 3 doesn't exist in the

62
00:05:31,950 --> 00:05:40,380
VLAN database and hence the switch port command is showing us that that's an inactive VLAN on the

63
00:05:40,380 --> 00:05:41,170
port.

64
00:05:41,490 --> 00:05:43,110
That's a problem.

65
00:05:43,140 --> 00:05:53,960
So show VTP status is configured as a server the switch so let's create VLAN 3 show VLAN

66
00:05:53,970 --> 00:05:55,110
brief.

67
00:05:55,200 --> 00:06:00,970
Suddenly now we see port gigabit 01 configured in VLAN 3

68
00:06:01,350 --> 00:06:06,410
and when we look at the switch port we see that it's in VLAN 3.

69
00:06:06,570 --> 00:06:07,430
That looks good.

70
00:06:07,470 --> 00:06:11,910
So Ken wrote it to ping its default gateway.

71
00:06:12,150 --> 00:06:16,020
We may have to wait a while for things to update.

72
00:06:16,020 --> 00:06:24,910
But notice they the pings started succeeding Ken wrote a one now ping right to acting's PC too.

73
00:06:25,010 --> 00:06:26,180
Yes it can.

74
00:06:26,180 --> 00:06:29,620
So we've successfully result of the issue in this typology.

75
00:06:29,660 --> 00:06:30,920
Be careful.

76
00:06:30,920 --> 00:06:38,270
A port is statically configured in a villain but that requires the villain and the villain database.

77
00:06:38,270 --> 00:06:44,740
When using stented villans if the villain is not in the villain database the port is essentially in

78
00:06:44,960 --> 00:06:48,110
a rogue villain and is not used.

79
00:06:48,110 --> 00:06:51,270
Traffic will not be sent through that port.

80
00:06:51,380 --> 00:06:58,180
So I hope you found this video useful if you did please like it and please subscribe to my YouTube channel.

81
00:06:58,190 --> 00:07:00,760
I wish you all the very best.