Testing and Troubleshooting Routes

Testing and Troubleshooting Routes
What you need to understand at this point is that the tools you will use to test connectivity will
also be used to troubleshoot connectivity issues.
There are two tools that can be used for these tasks:
 Ping
 Traceroute
One of the tools you should use in the testing and troubleshooting phase is Ping. The ping command
is used to test IP connectivity to a destination. Ping uses ICMP to accomplish this task. With
debugging turned on for ICMP packets, let’s take a look at how Ping accomplishes this:
3640#debug ip icmp
ICMP packet debugging is on
3640#ping 10.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
3640#
2d01h: ICMP: echo reply rcvd, src 10.10.10.1, dst 10.10.10.2
2d01h: ICMP: echo reply rcvd, src 10.10.10.1, dst 10.10.10.2
2d01h: ICMP: echo reply rcvd, src 10.10.10.1, dst 10.10.10.2
2d01h: ICMP: echo reply rcvd, src 10.10.10.1, dst 10.10.10.2
2d01h: ICMP: echo reply rcvd, src 10.10.10.1, dst 10.10.10.2
Verifying and Testing a Route 31
So, what happened? Router 3640 sent an ICMP echo to 10.10.10.1 on router 2501.
Router 2501 received the ICMP echo from router 3640 and sent an ICMP echo reply telling
router 3640 the packet has reached its destination of 10.10.10.1 on router 2501, signifying
a successful ping. If the destination network were unreachable, when router 2501 received
the ICMP echo from router 3640, it would have dropped the packet and returned an ICMP
destination unreachable message.
Now that you understand the concept of Ping and how it works, you need to learn how to
implement it. Using Ping is relatively simple. All you need to do is enter the command ping followed
by the address or host name of the device you want to ping (omitting the address/host
name parameter from the command will begin the extended ping dialog, allowing you to alter
the default settings and have more control over the process):
3640#ping 10.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Let’s examine the information you receive back:
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
Sending 5 This means you are sending five packets.
100-byte The size of each packet.
ICMP Echos The type of packet sent.
10.10.10.1 The destination address.
timeout is 2 seconds The packet will be deemed dropped if an echo reply is not received
within two seconds.
The ! symbol represents a successful ping. A ping that has timed out would be represented
by a period, such as:
.....
Let’s examine the last line of the sequence:
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Success rate The percentage of successful packets sent and received.
(5/5) This means five packets were sent and five packets were received back.
round-trip min/avg/max These values represent the shortest, average, and longest times it
took to receive an ICMP echo reply.
Ping may be an easy concept to grasp, but it is the one tool you will use the most as a network
engineer.
32 Chapter 1  Routing Principles
The other tool that will be used for testing and troubleshooting a route is Traceroute. The
traceroute command gives you a router-by-router account of the path a packet takes to get
to a destination. It does not, however, supply information on the return path of user or ICMP
packets, which could be different, depending on reverse-route selection among the routers in the
internetwork. Traceroute is best used when you need to discover the location where the packet
is being dropped or a routing loop occurs.
Traceroute takes advantage of the time to live (TTL) field of an IP packet. The value of the
TTL field represents how many layer 3 devices (hops) a packet can enter before it is dropped.
Traceroute exploits this by setting the TTL to a value of 1 in the IP header of a UDP port 33434
packet that it sends toward the destination.
IANA reserves this TCP/UDP port number for traceroute use. There are also
about 800 additional port numbers following this value that are unassigned
and possibly available for traceroute use. The key is to use a port number that
will not be active on the destination device.
The packet will reach the first router in the path, which will, as one of its first layer 3 tasks,
decrease the TTL by 1 to 0 and drop the packet with no further processing. The executing router
sends an ICMP time exceeded message to the traceroute originator. The originator then increases
the TTL by 1 to a value of 2 and sends the packet toward the destination. The packet reaches the
first router in the path and the TTL is decreased by 1 to a value of 1. That router then forwards
the packet toward the second router in the path to the destination. The second router then
decreases the TTL by 1 to a value of 0.
At this point, the packet is dropped and an ICMP time exceeded message is sent to the originator.
This process continues until the destination is reached or the maximum TTL (30, by default) has
been used. The originator displays the identity of the executioner upon receipt of each time exceeded
message, creating a sequenced list of devices between the traceroute originator and target. The originator
knows the trace is over when it receives an ICMP destination port unreachable message from
the traceroute target, indicating that the packet made it all the way to the intended recipient, and
there are no more intermediate devices to discover. Cisco devices offer an extended traceroute
command, while in privileged EXEC mode, that can be used to adjust defaults, like maximum TTL
and source IP address.
All you need to do in order to use the basic traceroute command is to enter traceroute followed
by the destination address. Just entering traceroute will begin the dialog for the extended
traceroute command. Here’s an example of a successful traceroute from router R1 in Figure 1.3:
R1#traceroute 11.11.11.1
Type escape sequence to abort.
Tracing the route to 11.11.11.1
1 12.12.12.2 12 msec 12 msec 12 msec
2 10.10.10.2 24 msec 24 msec *
R1#