Getting Information About Remote Devices 629 Getting Information About Remote Devices This section describes Telnet, ping, and traceroute, which can be used to obtain infor- mation about remote devices, as shown in Figure 13-3. Figure 13-3 Testing Process Overview Telnet Telnet is a virtual terminal protocol that is part of the TCP/IP protocol suite. Telnet enables you to make connections to remote hosts and makes it possible for a network terminal to remotely log in. telnet is a Cisco IOS Software EXEC command used to verify the application layer software between source and destination. This command is the most complete test mechanism available. Telnet performs at the application layer of the OSI model, and it depends on TCP to guarantee the correct and orderly delivery of data between the client and server. A router can have simultaneous incoming Telnet sessions. The range 0 through 4 spec- ifies five vty or Telnet lines. These five incoming Telnet sessions can take place at one time. Verifying the application layer connectivity is a byproduct of Telnet. Telnet is mainly used to connect to remote network devices, such as routers, switches, and servers, to gather information or perform maintenance. It is a simple and universal application program. Establishing and Verifying a Telnet Connection The telnet Cisco IOS Software EXEC command allows a user to Telnet from one Cisco device to another. With the Cisco implementation of TCP/IP, you do not have to enter the command connect or telnet to establish a Telnet connection. Just enter the host name or the IP address of the remote router. To end a Telnet session, use the EXEC commands exit or logout. Figure 13-4 demonstrates initiating and exiting a Telnet connection. telnet ping trace show ip route show interface 1102.book Page 629 Tuesday, May 20, 2003 2:53 PM 630 Chapter 13: Learning About Neighboring and Remote Devices Figure 13-4 Telnet Operation A host name table or access to DNS for Telnet must be present for a name to work in a Telnet session; otherwise, the IP address of the host must be entered. To initiate a Telnet session, use any of the following alternatives: Denver>connect paris Denver>paris Denver>131.108.100.152 Denver>telnet paris You can use Telnet to perform a test to determine whether access can or cannot be obtained from a remote router. As shown in Figure 13-5, if Telnet is successful in con- necting the York router to the Paris router, a basic test of the network connection is successful. This operation can be performed at either the user or privileged EXEC levels. Figure 13-5 Testing the Application Layer If remote access can be obtained through another router, at least one TCP/IP applica- tion can reach the remote router. A successful Telnet connection indicates that the upper-layer application functions properly. A successful Telnet can occur to one router, but fail to another router. Specific addressing, naming, or access permission problems are likely culprits for Telnet failure. Further, it is Denver>telnet paris Denver>exit 1102.book Page 630 Tuesday, May 20, 2003 2:53 PM Getting Information About Remote Devices 631 possible that the problem exists on the source router or on the router that failed as a Telnet target. In this case, the next step is to try ping, which is covered later in this chapter. ping allows testing of end-to-end connections at the network layer. Once the Telnet is completed, log off the host. The EXEC terminates any connection after ten minutes of inactivity by default or when you enter the exit command at the EXEC prompt. Advanced Telnet Operation You might have several concurrent Telnet sessions open, and you can switch back and forth between these sessions. The number of open sessions that are allowed at one time is defined by the session limit command. To switch between sessions by escaping from one session and resuming a previous opened session, use the following commands: ■ Ctrl + Shift + 6 followed by hitting the letter x—Escapes the current connection and returns to the EXEC prompt ■ resume—Makes the connection You can make a new connection while at the EXEC prompt. Most routers are limited to five simultaneous sessions. You can use and suspend multiple Telnet sessions with the Ctrl + Shift + 6 followed by hitting the letter x sequence. The session can be resumed by using the Enter key. If the Enter key is used, Cisco IOS Software resumes the connection to the most recently sus- pended Telnet connection. Using the resume command requires a connection ID, and you can display the connection IDs for all open sessions by using the show sessions command. Lab Activity Establishing and Verifying a Telnet Connection In this activity, you establish a Telnet connection to a remote router and gather information from it. Lab Activity Disconnecting and Suspending Telnet Sessions In this activity, you establish a Telnet session to a remote router. You tempo- rarily suspend and then resume the session. 1102.book Page 631 Tuesday, May 20, 2003 2:53 PM 632 Chapter 13: Learning About Neighboring and Remote Devices Alternative Connectivity Tests The following sections cover many of the commands that can be used to test and examine connectivity between devices. The tools and commands described in this section are as follows: ■ ping ■ traceroute ■ show ip route ■ show interfaces serial ■ show interfaces/clear counter ■ debug The ping Command Many network protocols support an echo protocol as an aid to diagnosing basic net- work connectivity. Echo protocols test whether or not protocol packets are being routed. The ping command sends a packet to the destination host and then waits for a reply packet from that host. Results from this echo protocol can help evaluate the path-to- host reliability, delays over the path, and if the host can be reached or is functioning. This command is a basic testing mechanism, and its operation can be performed in either the user or privileged EXEC modes. The ping user EXEC command can be used to diagnose basic network connectivity. Use the ping command as follows: 1. ping IP address or name of destination. 2. Press the Enter key. Table 13-3 shows the Cisco ping return codes. ping uses Internet Control Message Protocol (ICMP). Lab Activity Advanced Telnet Operation In this activity, you use the telnet command to remotely access other routers, verifying that the application layer between source and destination is working properly. You suspend a Telnet session and engage in multiple Telnet sessions. You return to the suspended session and disconnect from the Telnet session. 1102.book Page 632 Tuesday, May 20, 2003 2:53 PM Getting Information About Remote Devices 633 Figure 13-6 offers a sample diagram to demonstrate how ping works. Figure 13-6 Testing with the ping Command Table 13-3 Cisco ping Return Codes Code Meaning Possible Cause(s) ! Each exclamation point indicates receipt of an ICMP echo reply. The ping completed successfully. . Each period indicates that the network server timed out while waiting for a reply. This message can indicate many problems: ping was blocked by an access list or firewall. A router along the path did not have a route to the destination and did not send an ICMP destination unreachable message. A physical connectivity problem occurred somewhere along the path. U An ICMP unreachable mes- sage was received. A router along the path did not have a route to the destination address. C An ICMP source quench message was received. A device along the path—possibly the desti- nation—might be receiving too much traffic; check input queues. & An ICMP time exceeded message was received. A routing loop might have occurred. 1102.book Page 633 Tuesday, May 20, 2003 2:53 PM 634 Chapter 13: Learning About Neighboring and Remote Devices The ping target 172.16.1.5 in Figure 13-6 responded successfully to all five datagrams sent as indicated by the following: Router>ping 172.16.1.5 Type escape sequence to abort. Sending 5, 100 byte ICMP Echos to 172.16.1.5, timeout is 2 seconds: !!!!! Success rate is 100 percent, round-trip min/avg/max – 1/3/4 ms Router> The exclamation points (!) indicate each successful echo. If one or more periods (.) are received instead of exclamations on the display, the application on the router timed out waiting for a given packet echo from the ping target. The traceroute Command The traceroute command (abbreviated as trace) is the ideal tool for finding where data is being sent in a network. The traceroute command is similar to the ping command, except that instead of testing end-to-end connectivity, traceroute tests each step along the way. This operation can be performed at either the user or privileged EXEC levels. Use the traceroute command as follows: 1. traceroute IP address or name of destination. 2. Press the Enter key. Table 13-4 shows the Cisco traceroute return codes. Lab Activity Alternate Connectivity Tests (ping) In this activity, you use the ping command to send ICMP datagrams to a target host and verify that the network layer between source and destination is work- ing properly. You retrieve information to evaluate the path-to-host reliability, determine delays over the path, and determine if the host can be reached or is functioning. Table 13-4 Cisco traceroute Return Codes Code Meaning Possible Cause(s) nn msec This gives, for each node, the round-trip time (in milliseconds) for the specified number of probes. This is normal. 1102.book Page 634 Tuesday, May 20, 2003 2:53 PM Getting Information About Remote Devices 635 To demonstrate how traceroute works, look at the sample diagram in Figure 13-7. Figure 13-7 traceroute Command In this example, the path from York to Rome is being traced with the following results: York# trace Rome Type escape to abort. Tracing the route to Rome (172.16.33.5) 1 LONDON (172.16.12.3) 1000 msec 8 msec 4 msec 2 PARIS (172.16.16.2) 8 msec 8 msec 8 msec 3 ROME (172.16.35.5) 8 msec 8 msec 4 msec York# Along the way, the path must go through London and Paris. If one of these routers is unreachable, three asterisks (*) are returned instead of the name of the router. The * The probe timed out. A device along the path either did not receive the probe or did not reply with an ICMP “packet life exceeded” message. A Administratively prohibited. A device along the path, such as a firewall or router, might be block- ing the probe and possibly other or all traffic; check access lists. Q Source quench. A device along the path might be receiving too much traffic; check input queues. H An ICMP unreachable message has been received. A routing loop might have occurred. Table 13-4 Cisco traceroute Return Codes (Continued) Code Meaning Possible Cause(s) Rome 172.16.12.3 172.16.16.2 172.16.33.5 York London Paris 1102.book Page 635 Tuesday, May 20, 2003 2:53 PM 636 Chapter 13: Learning About Neighboring and Remote Devices traceroute command will continue attempting to reach the next step until the Ctrl- Shift-6 escape sequence is used. The traceroute command takes advantage of the error messages generated by routers when a packet exceeds its TTL or hop count value. The traceroute command sends several ping packets with an incrementing TTL value and displays the round-trip time for each. Because the TTL value is incremented each time a ping is sent, each succes- sive ping gets closer to the destination. The benefit of the traceroute command is that it also tells which router in the path was the last one to be reached, which allows for fault isolation. Testing the Network Layer with the show ip route Command The router offers some powerful tools at this point in the search. You can actually look at the routing table, which contains directions that the router uses to determine how it will direct traffic across the network, and use another basic test that focuses on the net- work layer. Use the show ip route command as demonstrated in Example 13-5 to determine whether a routing table entry exists for the target network. The output in Example 13-5 shows that Rome (131.108.33.0) is reachable by Paris (131.108.16.2) via the Ethernet1 interface. Example 13-5 show ip route Command Output Paris# show ip route Codes: I – IGRP derived, R – RIP derived, O – OSPF derived C – connected, S – static, E – EGP derived, B – BGP derived i – IS-IS derived, D – EIGRP derived * - candidate default route, IA – OSPF inter area route E1 – OSPF external type 1 route, E2 – OSPF external type 2 route L1 – IS-IS level-1 route, L2 – IS-IS level-2 route EX – EIGRP external route Gateway of last resort is not set I 144.253.0.0 [100/1300] via 133.3.32.2 0:00:22 Ethernet1 131.108.0.0 is subnetted (mask is 255.255.255.0), 3 subnets I 131.108.33.0 [100/180771] via 131.108.16.2, 0:01:29, Ethernet1 C 131.108.12.0 is directly connected, Ethernet1 C 101.108.16.0 is directly connected, Ethernet0 I 219.100.103.0 [100/1200] via 133.3.32.2, 0:00:22, Ethernet1 1102.book Page 636 Tuesday, May 20, 2003 2:53 PM Getting Information About Remote Devices 637 Testing the Physical and Data Link Layers with the show interfaces serial Command Figure 13-8 shows a serial connection between two router interfaces. The interface has two pieces, physical (hardware) and logical (software): ■ The hardware (including cables, connectors, and interfaces) must make the actual connection between the devices. ■ The software is responsible for the messages, such as keepalive messages, control information, and user information, that are passed between adjacent devices. This data is being passed between the two connected router interfaces. Figure 13-8 Testing the Physical and Data Link Layers When you test the physical and data link layers, ask these questions: ■ Is there a carrier detect signal? ■ Is the physical link between devices good? ■ Are the keepalive messages being received? ■ Can data packets be sent across the physical link? One of the most important elements of the show interfaces serial command output is the display of the line and data link protocol status. Figure 13-9 indicates the key sum- mary line used to check the status of the line and the data link protocol. Lab Activity Alternate Connectivity Tests (traceroute and show ip route) In this activity, you use the traceroute Cisco IOS Software command to verify that the network layer between source, destination, and each router along the way is working properly. The tracert Windows OS command is used from source workstation to destination router. You also use the show ip route command to display the router’s routing table. Link Data ? 1102.book Page 637 Tuesday, May 20, 2003 2:53 PM 638 Chapter 13: Learning About Neighboring and Remote Devices Figure 13-9 Identifying Line and Protocol Problems The line status in this example is triggered by a carrier detect signal and refers to the physical layer status. However, the line protocol, triggered by keepalive frames, refers to data link framing (a Layer 2 function). Using the show interfaces and clear counters Commands The router tracks statistics that provide information about the interfaces. Use the show interfaces command to display the statistics, as demonstrated in Example 13-6. Example 13-6 show interfaces Command Output Router# show interfaces serial 1 Serial1 is up, line protocol is up Hardware is cxBus Serial Description: 56Kb Line San Jose – MP Internet address is 150.136.190.203, subnet mask is 255.255.255.0 MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 0:00:07, output 0:00:)), output hang never Last clearing of show interfaces counters 2w4d Output queue 0/40, 0 drops; input queue 0/75, 0 drops Five minute input rate 0 bits/sec, 0 packets/sec Five minute output rate 0 bits/sec, 0 packets/sec 16263 packets input, 1347238 bytes, no buffer Received 13983 broadcasts, 0 runts, 0 giants 2 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 2 abort 0 input packets with dribble condition detected Router# show int s 1 Serial1 is up, line protocol is up Hardware is cxBus Serial Description. 56Kb Line San Jose - MP Carrier detect (line status) Keepalives Serial1 is up, line protocol is up Serial1 is up, line protocol is down Serial1 is down, line protocol is down Serial1 is administratively down, line protocol is down Operational Connection Problem Interface Problem Disabled 1102.book Page 638 Tuesday, May 20, 2003 2:53 PM . set I 14 4 .25 3.0.0 [10 0 /13 00] via 13 3.3. 32. 2 0:00 :22 Ethernet1 13 1 .10 8.0.0 is subnetted (mask is 25 5 .25 5 .25 5.0), 3 subnets I 13 1 .10 8.33.0 [10 0 /18 07 71] via 13 1 .10 8 .16 .2, 0: 01: 29 , Ethernet1 C 13 1 .10 8 . 12 .0. 13 1 .10 8 . 12 .0 is directly connected, Ethernet1 C 10 1 .10 8 .16 .0 is directly connected, Ethernet0 I 21 9 .10 0 .10 3.0 [10 0 / 12 00] via 13 3.3. 32. 2, 0:00 :22 , Ethernet1 11 02. book Page 636 Tuesday, May 20 , 20 03 2: 53. occurred. Table 13 -4 Cisco traceroute Return Codes (Continued) Code Meaning Possible Cause(s) Rome 17 2 .16 . 12 .3 17 2 .16 .16 .2 17 2 .16 .33.5 York London Paris 11 02. book Page 635 Tuesday, May 20 , 20 03 2: 53 PM 636