Cisco Application Control Engine (ACE) Troubleshooting Guide -- Troubleshooting Ethernet Ports

From DocWiki

Latest revision as of 21:29, 11 March 2011

This article describes the ACE appliance physical Gigabit Ethernet (GE) ports and how to troubleshoot port-related issues. Note that the ACE module has no external ports of its own and it relies on the back plane of the Catalyst 6500 series switch for communication with the rest of the network.

Troubleshooting ACE Appliance Ethernet Ports

There are four gigabit Ethernet (GE) ports in an ACE appliance with a full duplex throughput of 1 Gbps each. To check the status of a GE port, enter the following command:

switch/Admin# show interface gigabitEthernet 1/2

GigabitEthernet Port 1/2 is UP, line protocol is UP <----------------- If the GE port is down, then check that the corresponding interface on the Catalyst 6500 series switch or other
                                                                       Cisco switch is not shutdown and that the physical interface on the ACE appliance is not shutdown. Verify that
                                                                       the physical connectivity between the ACE and the Cisco 3750 series switch or the Catalyst 6500 is fine.
 Hardware is ACE Appliance 1000Mb 802.3, address is 00:1b:24:93:21:cf
 MTU 9216 bytes
 Full-duplex, 1000Mb/s
 COS bits based QoS is disabled
 input flow-control is off, output flow-control is off
    26556020169 packets input, 4515905164244 bytes, 0 dropped
    Received 15932917284 broadcasts (99696635 multicasts)
    0 runts , 0 giants
    0 FCS/Align errors , 0 runt FCS, 0 giant FCS
    1 packets output, 64 bytes
    1 broadcast, 0 multicast, 0 control output packets
    0 underflow, 0 single collision, 0 multiple collision output packets
    0 excessive collision and dropped, 0 Excessive Deferral and dropped

Configuring a Port Channel

You can assign VLANs directly under the physical interface or using a channel group. These can be trunked or access ports. For trunked ports, the default native VLAN is 1, which can you can change by entering the switchport trunk native vlan number command under the physical port or a channel group.

The following example shows how to configure a port channel in the ACE appliance:

interface port-channel 250
  switchport trunk native vlan 3
  switchport trunk allowed vlan 9,101-110,128,132,144,331,349
  no shutdown

or 

interface port-channel 2
  switchport access vlan 5
  no shutdown

port-channel can be assigned to physical port using the channel-group command:
interface gigabitEthernet 1/2
  channel-group 250
  shutdown

By default, the load-balancing scheme is source-dest-mac. You can change it to destination-ip, destination mac, and so on using the port-channel load-balance command.

Troubleshooting Port Channels

If the configured VLAN or BVI does not come up, verify that the assigned port-channel is up and that it is configured correctly on the 3750 or Catalyst 6500 series switch, and check the physical ports.

To check the status of the port channel, enter the following command:

switch/Admin# show interface port-channel 250

PortChannel 250:
----------------------------
Description:
mode: Trunk
native vlan: 0
status: (UP), load-balance scheme: src-dst-mac  <<< if the channel-group is up.

PortChannel 250 mapped phyport: 1/2 1/3 <<< the physical interfaces to which the channel-group is assigned. 
PortChannel 250 mapped active phyport: 1/3  <<< from the above list, list of active interface.
PortChannel 250 allow vlan:  vlan<9>  vlan<101>-<110>  vlan<128>  vlan<132>  vlan<144>  vlan<331>  vlan<349>  << Assigned vlans
    33581781 packets input, 2333352580 bytes, 0 dropped
    Received 20430421 broadcasts (13005450 multicasts)
    0 runts , 0 giants
    0 FCS/Align errors , 0 runt FCS, 0 giant FCS
    10944303 packets output, 744212928 bytes
    10944285 broadcast, 18 multicast, 0 control output packets
    0 underflow, 0 single collision, 0 multiple collision output packets
    0 excessive collision and dropped, 0 Excessive Deferral and dropped

Troubleshooting VLANs on the Physical Ports

The following example shows how to configure the VLANs on the physical ports:

interface gigabitEthernet 1/1
  switchport access vlan 77
  no shutdown

or

interface gigabitEthernet 1/1
  switchport trunk native vlan 3
  switchport trunk allowed vlan 77
  no shutdown

To check the list of VLANs that are up on the physical interface, enter the ‘following command:

switch/Admin# show vlans
Vlans configured on physical port(s)
 vlan3  vlan5  vlan9-10  vlan30  vlan77  vlan101-110  vlan128  vlan132  vlan144
 vlan331  vlan349

Finally, to see that the specified VLAN is up, enter the following command:

switch/Admin# show interface vlan 77

vlan77 is up, administratively up

  Hardware type is VLAN
  MAC address is 00:1b:24:78:b1:e8
  Virtual MAC address is 00:0b:fc:fe:1b:15
  Mode : routed
  IP address is 77.5.0.11 netmask is 255.0.0.0
  FT status is active
  Description:not set
  MTU: 1500 bytes
  Last cleared: never
  Last Changed: Thu Mar 18 13:27:20 2010
  No of transitions: 1
  Alias IP address not set
  Peer IP address is 77.5.0.12 Peer IP netmask is 255.0.0.0
  Assigned on the physical port, up on the physical port

     170 unicast packets input, 412878159 bytes
     2231611 multicast, 3730365 broadcast
     0 input errors, 0 unknown, 0 ignored, 0 unicast RPF drops
     105 unicast packets output, 2949996 bytes
     2 multicast, 45981 broadcast
     0 output errors, 0 ignored