Cisco Application Control Engine (ACE) Troubleshooting Guide -- Troubleshooting Ethernet Ports

From DocWiki

Revision as of 23:29, 9 March 2011 by Dakelley (Talk | contribs)
Jump to: navigation, search

This article describes the ACE appliance physical Gigabit Ethernet (GE) ports and how to troubleshoot port-related issues. note that the ACE module has no external ports of its own and it relies on the back plane of the Catalyst 6500 series switch for communication with the rest of the network.

Guide Contents
Main Article
Overview of ACE Troubleshooting
Understanding the ACE Module Architecture and Traffic Flow
Preliminary ACE Troubleshooting
Troubleshooting ACE Boot Issues
Troubleshooting with ACE Logging
Troubleshooting Connectivity
Troubleshooting Remote Access
Troubleshooting Access Control Lists
Troubleshooting Network Address Translation
Troubleshooting ACE Health Monitoring
Troubleshooting Layer 4 Load Balancing
Troubleshooting Layer 7 Load Balancing
Troubleshooting Redundancy
Troubleshooting SSL
Troubleshooting Performance Issues
ACE Resource Limits
Managing ACE Resources


Troubleshooting ACE Appliance Ethernet Ports

There are four gigabit Ethernet (GE) ports in an ACE appliance with a full duplex throughput of 1 Gbps each. To check the status of a GE port, enter the following command:

switch/Admin# show interface gigabitEthernet 1/2’’’

GigabitEthernet Port 1/2 is UP, line protocol is UP <----------------- If the GE port is down, then check that the corresponding interface on the Catalyst 6500 series switch or other
                                                                       Cisco switch is not shutdown and that the physical interface on the ACE appliance is not shutdown. Verify that
                                                                       the physical connectivity between the ACE and the Cisco 3750 series switch or the Catalyst 6500 is fine.
 Hardware is ACE Appliance 1000Mb 802.3, address is 00:1b:24:93:21:cf
 MTU 9216 bytes
 Full-duplex, 1000Mb/s
 COS bits based QoS is disabled
 input flow-control is off, output flow-control is off
    26556020169 packets input, 4515905164244 bytes, 0 dropped
    Received 15932917284 broadcasts (99696635 multicasts)
    0 runts , 0 giants
    0 FCS/Align errors , 0 runt FCS, 0 giant FCS
    1 packets output, 64 bytes
    1 broadcast, 0 multicast, 0 control output packets
    0 underflow, 0 single collision, 0 multiple collision output packets
    0 excessive collision and dropped, 0 Excessive Deferral and dropped

Configuring a Port Channel

You can assign VLANs directly under the physical interface or using a channel group. These can be trunked or access ports. For trunked ports, the default native VLAN is 1, which can you can change by entering the switchport trunk native vlan number command under the physical port or a channel group.

The following example shows how to configure a port channel in the ACE appliance:

interface port-channel 250
  switchport trunk native vlan 3
  switchport trunk allowed vlan 9,101-110,128,132,144,331,349
  no shutdown


interface port-channel 2
  switchport access vlan 5
  no shutdown

port-channel can be assigned to physical port using the channel-group command:
interface gigabitEthernet 1/2
  channel-group 250

By default, the load-balancing scheme is source-dest-mac. You can change it to destination-ip, destination mac, and so on using the port-channel load-balance <> command.

Troubleshooting Port Channels

If the configured VLAN or BVI does not come up, verify that the assigned port-channel is up and that it is configured correctly on the 3750 or Catalyst 6500 series switch, and check the physical ports.

To check the status of the port channel, enter the following command:

switch/Admin# show interface port-channel 250

PortChannel 250:
mode: Trunk
native vlan: 0
status: (UP), load-balance scheme: src-dst-mac  <<< if the channel-group is up.

PortChannel 250 mapped phyport: 1/2 1/3 <<< the physical interfaces to which the channel-group is assigned. 
PortChannel 250 mapped active phyport: 1/3  <<< from the above list, list of active interface.
PortChannel 250 allow vlan:  vlan<9>  vlan<101>-<110>  vlan<128>  vlan<132>  vlan<144>  vlan<331>  vlan<349>  << Assigned vlans
    33581781 packets input, 2333352580 bytes, 0 dropped
    Received 20430421 broadcasts (13005450 multicasts)
    0 runts , 0 giants
    0 FCS/Align errors , 0 runt FCS, 0 giant FCS
    10944303 packets output, 744212928 bytes
    10944285 broadcast, 18 multicast, 0 control output packets
    0 underflow, 0 single collision, 0 multiple collision output packets
    0 excessive collision and dropped, 0 Excessive Deferral and dropped

Troubleshooting VLANs on the Physical Ports

Vlan assignment on physical ports:

interface gigabitEthernet 1/1

 switchport access vlan 77
 no shutdown

or interface gigabitEthernet 1/1

 switchport trunk native vlan 3
 switchport trunk allowed vlan 77
 no shutdown

To check the list of VLANs that are up on the physical interface, enter the ‘’’show vlans’’’ command.

switch/Admin# show vlans Vlans configured on physical port(s)

vlan3  vlan5  vlan9-10  vlan30  vlan77  vlan101-110  vlan128  vlan132  vlan144
vlan331  vlan349


Finally, enter the show interface vlan command to see that the specified VLAN is up:

switch/Admin# show in interface inventory switch/Admin# show interface vlan 77

vlan77 is up, administratively up

 Hardware type is VLAN
 MAC address is 00:1b:24:78:b1:e8
 Virtual MAC address is 00:0b:fc:fe:1b:15
 Mode : routed
 IP address is netmask is
 FT status is active
 Description:not set
 MTU: 1500 bytes
 Last cleared: never
 Last Changed: Thu Mar 18 13:27:20 2010
 No of transitions: 1
 Alias IP address not set
 Peer IP address is Peer IP netmask is
 Assigned on the physical port, up on the physical port
    170 unicast packets input, 412878159 bytes
    2231611 multicast, 3730365 broadcast
    0 input errors, 0 unknown, 0 ignored, 0 unicast RPF drops
    105 unicast packets output, 2949996 bytes
    2 multicast, 45981 broadcast
    0 output errors, 0 ignored


Rating: 0.0/5 (0 votes cast)

Personal tools