telnet is a Cisco IOS Software EXEC command used to verify the application layer software between source and destination.. Establishing and Verifying a Telnet Connection The telnet Cisc
Trang 1Getting Information About Remote Devices
This section describes Telnet, ping, and traceroute, which can be used to obtain
infor-mation about remote devices, as shown in Figure 13-3
Figure 13-3 Testing Process Overview
Telnet
Telnet is a virtual terminal protocol that is part of the TCP/IP protocol suite Telnet
enables you to make connections to remote hosts and makes it possible for a network
terminal to remotely log in telnet is a Cisco IOS Software EXEC command used to
verify the application layer software between source and destination This command is
the most complete test mechanism available
Telnet performs at the application layer of the OSI model, and it depends on TCP to
guarantee the correct and orderly delivery of data between the client and server
A router can have simultaneous incoming Telnet sessions The range 0 through 4
spec-ifies five vty or Telnet lines These five incoming Telnet sessions can take place at one
time
Verifying the application layer connectivity is a byproduct of Telnet Telnet is mainly
used to connect to remote network devices, such as routers, switches, and servers, to
gather information or perform maintenance It is a simple and universal application
program
Establishing and Verifying a Telnet Connection
The telnet Cisco IOS Software EXEC command allows a user to Telnet from one Cisco
device to another With the Cisco implementation of TCP/IP, you do not have to enter
the command connect or telnet to establish a Telnet connection Just enter the host name
or the IP address of the remote router To end a Telnet session, use the EXEC commands
exit or logout Figure 13-4 demonstrates initiating and exiting a Telnet connection.
Application Presentation Session Transport Network Data Link Physical
telnet
7 6 5 4 3 2 1
ping trace show ip route
show interface
Trang 2Figure 13-4 Telnet Operation
A host name table or access to DNS for Telnet must be present for a name to work in
a Telnet session; otherwise, the IP address of the host must be entered To initiate a Telnet session, use any of the following alternatives:
Denver>connect paris Denver>paris
Denver>131.108.100.152 Denver>telnet paris
You can use Telnet to perform a test to determine whether access can or cannot be obtained from a remote router As shown in Figure 13-5, if Telnet is successful in con-necting the York router to the Paris router, a basic test of the network connection is successful This operation can be performed at either the user or privileged EXEC levels
Figure 13-5 Testing the Application Layer
If remote access can be obtained through another router, at least one TCP/IP applica-tion can reach the remote router A successful Telnet connecapplica-tion indicates that the upper-layer application functions properly
A successful Telnet can occur to one router, but fail to another router Specific addressing, naming, or access permission problems are likely culprits for Telnet failure Further, it is
Denver
Paris
Tokyo
IP: 131.108.100.152 Initiate a Session:
Denver>telnet paris
Exit a Session:
Denver>exit
Paris
Application
Trang 3possible that the problem exists on the source router or on the router that failed as a
Telnet target In this case, the next step is to try ping, which is covered later in this
chapter ping allows testing of end-to-end connections at the network layer.
Once the Telnet is completed, log off the host The EXEC terminates any connection
after ten minutes of inactivity by default or when you enter the exit command at the
EXEC prompt
Advanced Telnet Operation
You might have several concurrent Telnet sessions open, and you can switch back and
forth between these sessions The number of open sessions that are allowed at one time
is defined by the session limit command.
To switch between sessions by escaping from one session and resuming a previous
opened session, use the following commands:
■ Ctrl + Shift + 6 followed by hitting the letter x—Escapes the current connection
and returns to the EXEC prompt
■ resume—Makes the connection
You can make a new connection while at the EXEC prompt Most routers are limited
to five simultaneous sessions
You can use and suspend multiple Telnet sessions with the Ctrl + Shift + 6 followed by
hitting the letter x sequence The session can be resumed by using the Enter key If the
Enter key is used, Cisco IOS Software resumes the connection to the most recently
sus-pended Telnet connection Using the resume command requires a connection ID, and
you can display the connection IDs for all open sessions by using the show sessions
command
Lab Activity Establishing and Verifying a Telnet Connection
In this activity, you establish a Telnet connection to a remote router and gather information from it
Lab Activity Disconnecting and Suspending Telnet Sessions
In this activity, you establish a Telnet session to a remote router You tempo-rarily suspend and then resume the session
Trang 4Alternative Connectivity Tests
The following sections cover many of the commands that can be used to test and examine connectivity between devices The tools and commands described in this section are as follows:
■ traceroute
■ show ip route
■ show interfaces serial
■ show interfaces/clear counter
■ debug
The ping Command
Many network protocols support an echo protocol as an aid to diagnosing basic net-work connectivity Echo protocols test whether or not protocol packets are being routed
The ping command sends a packet to the destination host and then waits for a reply
packet from that host Results from this echo protocol can help evaluate the path-to-host reliability, delays over the path, and if the path-to-host can be reached or is functioning This command is a basic testing mechanism, and its operation can be performed in either the user or privileged EXEC modes
The ping user EXEC command can be used to diagnose basic network connectivity Use the ping command as follows:
1. ping IP address or name of destination.
2. Press the Enter key.
Table 13-3 shows the Cisco ping return codes ping uses Internet Control Message
Protocol (ICMP)
Lab Activity Advanced Telnet Operation
In this activity, you use the telnet command to remotely access other routers,
verifying that the application layer between source and destination is working properly You suspend a Telnet session and engage in multiple Telnet sessions You return to the suspended session and disconnect from the Telnet session
Trang 5Figure 13-6 offers a sample diagram to demonstrate how ping works.
Figure 13-6 Testing with the ping Command
Table 13-3 Cisco ping Return Codes
! Each exclamation point
indicates receipt of an ICMP echo reply
The ping completed successfully.
Each period indicates that
the network server timed out while waiting for a reply
This message can indicate many problems:
ping was blocked by an access list or firewall.
A router along the path did not have a route
to the destination and did not send an ICMP destination unreachable message
A physical connectivity problem occurred somewhere along the path
U An ICMP unreachable
mes-sage was received
A router along the path did not have a route
to the destination address
C An ICMP source quench
message was received
A device along the path—possibly the desti-nation—might be receiving too much traffic;
check input queues
& An ICMP time exceeded
message was received
A routing loop might have occurred
Echo Reply
Network Layer
Echo Request
172.16.1.5
Trang 6The ping target 172.16.1.5 in Figure 13-6 responded successfully to all five datagrams
sent as indicated by the following:
Router>ping 172.16.1.5 Type escape sequence to abort.
Sending 5, 100 byte ICMP Echos to 172.16.1.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent, round-trip min/avg/max – 1/3/4 ms Router>
The exclamation points (!) indicate each successful echo If one or more periods (.) are received instead of exclamations on the display, the application on the router timed
out waiting for a given packet echo from the ping target.
The traceroute Command
The traceroute command (abbreviated as trace) is the ideal tool for finding where data
is being sent in a network The traceroute command is similar to the ping command, except that instead of testing end-to-end connectivity, traceroute tests each step along
the way This operation can be performed at either the user or privileged EXEC levels
Use the traceroute command as follows:
1. traceroute IP address or name of destination.
2. Press the Enter key.
Table 13-4 shows the Cisco traceroute return codes.
Lab Activity Alternate Connectivity Tests (ping)
In this activity, you use the ping command to send ICMP datagrams to a target
host and verify that the network layer between source and destination is work-ing properly You retrieve information to evaluate the path-to-host reliability, determine delays over the path, and determine if the host can be reached or is functioning
Table 13-4 Cisco traceroute Return Codes
nn msec This gives, for each node, the
round-trip time (in milliseconds) for the specified number of probes
This is normal
Trang 7To demonstrate how traceroute works, look at the sample diagram in Figure 13-7.
Figure 13-7 traceroute Command
In this example, the path from York to Rome is being traced with the following results:
York# trace Rome
Type escape to abort.
Tracing the route to Rome (172.16.33.5)
1 LONDON (172.16.12.3) 1000 msec 8 msec 4 msec
2 PARIS (172.16.16.2) 8 msec 8 msec 8 msec
3 ROME (172.16.35.5) 8 msec 8 msec 4 msec
York#
Along the way, the path must go through London and Paris If one of these routers is
unreachable, three asterisks (*) are returned instead of the name of the router The
* The probe timed out A device along the path either did
not receive the probe or did not reply with an ICMP “packet life exceeded” message
A Administratively prohibited A device along the path, such as a
firewall or router, might be block-ing the probe and possibly other or all traffic; check access lists
receiving too much traffic; check input queues
H An ICMP unreachable message has
been received
A routing loop might have occurred
Table 13-4 Cisco traceroute Return Codes (Continued)
Rome 172.16.12.3
172.16.16.2
172.16.33.5
Paris
Trang 8traceroute command will continue attempting to reach the next step until the Ctrl-Shift-6 escape sequence is used.
The traceroute command takes advantage of the error messages generated by routers when a packet exceeds its TTL or hop count value The traceroute command sends several ping packets with an incrementing TTL value and displays the round-trip time for each Because the TTL value is incremented each time a ping is sent, each succes-sive ping gets closer to the destination The benefit of the traceroute command is that it
also tells which router in the path was the last one to be reached, which allows for fault isolation
Testing the Network Layer with the show ip route Command
The router offers some powerful tools at this point in the search You can actually look
at the routing table, which contains directions that the router uses to determine how it will direct traffic across the network, and use another basic test that focuses on the
net-work layer Use the show ip route command as demonstrated in Example 13-5 to
determine whether a routing table entry exists for the target network The output in Example 13-5 shows that Rome (131.108.33.0) is reachable by Paris (131.108.16.2) via the Ethernet1 interface
Example 13-5 show ip route Command Output
Paris# show ip route Codes: I – IGRP derived, R – RIP derived, O – OSPF derived
C – connected, S – static, E – EGP derived, B – BGP derived
i – IS-IS derived, D – EIGRP derived
* - candidate default route, IA – OSPF inter area route E1 – OSPF external type 1 route, E2 – OSPF external type 2 route L1 – IS-IS level-1 route, L2 – IS-IS level-2 route
EX – EIGRP external route
Gateway of last resort is not set
I 144.253.0.0 [100/1300] via 133.3.32.2 0:00:22 Ethernet1 131.108.0.0 is subnetted (mask is 255.255.255.0), 3 subnets
I 131.108.33.0 [100/180771] via 131.108.16.2, 0:01:29, Ethernet1
C 131.108.12.0 is directly connected, Ethernet1
C 101.108.16.0 is directly connected, Ethernet0
I 219.100.103.0 [100/1200] via 133.3.32.2, 0:00:22, Ethernet1
Trang 9Testing the Physical and Data Link Layers with the show interfaces
serial Command
Figure 13-8 shows a serial connection between two router interfaces The interface has
two pieces, physical (hardware) and logical (software):
■ The hardware (including cables, connectors, and interfaces) must make the
actual connection between the devices
■ The software is responsible for the messages, such as keepalive messages, control
information, and user information, that are passed between adjacent devices
This data is being passed between the two connected router interfaces
Figure 13-8 Testing the Physical and Data Link Layers
When you test the physical and data link layers, ask these questions:
■ Is there a carrier detect signal?
■ Is the physical link between devices good?
■ Are the keepalive messages being received?
■ Can data packets be sent across the physical link?
One of the most important elements of the show interfaces serial command output is
the display of the line and data link protocol status Figure 13-9 indicates the key
sum-mary line used to check the status of the line and the data link protocol
Lab Activity Alternate Connectivity Tests (traceroute and show ip route)
In this activity, you use the traceroute Cisco IOS Software command to verify
that the network layer between source, destination, and each router along the
way is working properly The tracert Windows OS command is used from source workstation to destination router You also use the show ip route
command to display the router’s routing table
Link
Data
?
Trang 10Figure 13-9 Identifying Line and Protocol Problems
The line status in this example is triggered by a carrier detect signal and refers to the physical layer status However, the line protocol, triggered by keepalive frames, refers
to data link framing (a Layer 2 function)
Using the show interfaces and clear counters Commands
The router tracks statistics that provide information about the interfaces Use the show interfaces command to display the statistics, as demonstrated in Example 13-6 Example 13-6 show interfaces Command Output
Router# show interfaces serial 1 Serial1 is up, line protocol is up Hardware is cxBus Serial
Description: 56Kb Line San Jose – MP Internet address is 150.136.190.203, subnet mask is 255.255.255.0 MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Last input 0:00:07, output 0:00:)), output hang never Last clearing of show interfaces counters 2w4d Output queue 0/40, 0 drops; input queue 0/75, 0 drops Five minute input rate 0 bits/sec, 0 packets/sec Five minute output rate 0 bits/sec, 0 packets/sec
16263 packets input, 1347238 bytes, no buffer Received 13983 broadcasts, 0 runts, 0 giants
2 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 2 abort
0 input packets with dribble condition detected
Router# show int s 1 Serial1 is up, line protocol is up Hardware is cxBus Serial Description 56Kb Line San Jose - MP
Carrier detect (line status)
Keepalives
Serial1 is up, line protocol is up Serial1 is up, line protocol is down Serial1 is down, line protocol is down Serial1 is administratively down, line protocol is down
Operational Connection Problem Interface Problem Disabled