Cisco Application Control Engine (ACE) Troubleshooting Guide -- Troubleshooting Ethernet Ports
This article describes the ACE appliance physical Gigabit Ethernet (GE) ports and how to troubleshoot port-related issues. Note that the ACE module has no external ports of its own and it relies on the back plane of the Catalyst 6500 series switch for communication with the rest of the network.
Troubleshooting ACE Appliance Ethernet Ports
There are four gigabit Ethernet (GE) ports in an ACE appliance with a full duplex throughput of 1 Gbps each. To check the status of a GE port, enter the following command:
switch/Admin# show interface gigabitEthernet 1/2 GigabitEthernet Port 1/2 is UP, line protocol is UP <----------------- If the GE port is down, then check that the corresponding interface on the Catalyst 6500 series switch or other Cisco switch is not shutdown and that the physical interface on the ACE appliance is not shutdown. Verify that the physical connectivity between the ACE and the Cisco 3750 series switch or the Catalyst 6500 is fine. Hardware is ACE Appliance 1000Mb 802.3, address is 00:1b:24:93:21:cf MTU 9216 bytes Full-duplex, 1000Mb/s COS bits based QoS is disabled input flow-control is off, output flow-control is off 26556020169 packets input, 4515905164244 bytes, 0 dropped Received 15932917284 broadcasts (99696635 multicasts) 0 runts , 0 giants 0 FCS/Align errors , 0 runt FCS, 0 giant FCS 1 packets output, 64 bytes 1 broadcast, 0 multicast, 0 control output packets 0 underflow, 0 single collision, 0 multiple collision output packets 0 excessive collision and dropped, 0 Excessive Deferral and dropped
Configuring a Port Channel
You can assign VLANs directly under the physical interface or using a channel group. These can be trunked or access ports. For trunked ports, the default native VLAN is 1, which can you can change by entering the switchport trunk native vlan number command under the physical port or a channel group.
The following example shows how to configure a port channel in the ACE appliance:
interface port-channel 250 switchport trunk native vlan 3 switchport trunk allowed vlan 9,101-110,128,132,144,331,349 no shutdown or interface port-channel 2 switchport access vlan 5 no shutdown port-channel can be assigned to physical port using the channel-group command: interface gigabitEthernet 1/2 channel-group 250 shutdown
By default, the load-balancing scheme is source-dest-mac. You can change it to destination-ip, destination mac, and so on using the port-channel load-balance command.
Troubleshooting Port Channels
If the configured VLAN or BVI does not come up, verify that the assigned port-channel is up and that it is configured correctly on the 3750 or Catalyst 6500 series switch, and check the physical ports.
To check the status of the port channel, enter the following command:
switch/Admin# show interface port-channel 250 PortChannel 250: ---------------------------- Description: mode: Trunk native vlan: 0 status: (UP), load-balance scheme: src-dst-mac <<< if the channel-group is up. PortChannel 250 mapped phyport: 1/2 1/3 <<< the physical interfaces to which the channel-group is assigned. PortChannel 250 mapped active phyport: 1/3 <<< from the above list, list of active interface. PortChannel 250 allow vlan: vlan<9> vlan<101>-<110> vlan<128> vlan<132> vlan<144> vlan<331> vlan<349> << Assigned vlans 33581781 packets input, 2333352580 bytes, 0 dropped Received 20430421 broadcasts (13005450 multicasts) 0 runts , 0 giants 0 FCS/Align errors , 0 runt FCS, 0 giant FCS 10944303 packets output, 744212928 bytes 10944285 broadcast, 18 multicast, 0 control output packets 0 underflow, 0 single collision, 0 multiple collision output packets 0 excessive collision and dropped, 0 Excessive Deferral and dropped
Troubleshooting VLANs on the Physical Ports
The following example shows how to configure the VLANs on the physical ports:
interface gigabitEthernet 1/1 switchport access vlan 77 no shutdown or interface gigabitEthernet 1/1 switchport trunk native vlan 3 switchport trunk allowed vlan 77 no shutdown
To check the list of VLANs that are up on the physical interface, enter the ‘following command:
switch/Admin# show vlans Vlans configured on physical port(s) vlan3 vlan5 vlan9-10 vlan30 vlan77 vlan101-110 vlan128 vlan132 vlan144 vlan331 vlan349
Finally, to see that the specified VLAN is up, enter the following command:
switch/Admin# show interface vlan 77 vlan77 is up, administratively up Hardware type is VLAN MAC address is 00:1b:24:78:b1:e8 Virtual MAC address is 00:0b:fc:fe:1b:15 Mode : routed IP address is 18.104.22.168 netmask is 255.0.0.0 FT status is active Description:not set MTU: 1500 bytes Last cleared: never Last Changed: Thu Mar 18 13:27:20 2010 No of transitions: 1 Alias IP address not set Peer IP address is 22.214.171.124 Peer IP netmask is 255.0.0.0 Assigned on the physical port, up on the physical port 170 unicast packets input, 412878159 bytes 2231611 multicast, 3730365 broadcast 0 input errors, 0 unknown, 0 ignored, 0 unicast RPF drops 105 unicast packets output, 2949996 bytes 2 multicast, 45981 broadcast 0 output errors, 0 ignored