October 21, 2011

Cisco IOS Diagnostic Tools

There are certain a number of diagnostic tools that can be used to troubleshoot and monitor the different elements of a network. This article takes a look at a number of the built-in tools/command that exists within Cisco IOS. Any experienced IOS engineer knows that many issues can be diagnosed using only the tools that exist within the IOS itself; the target audience of this article includes engineers with less experience looking to become more familiar with the available tools and those preparing for the CCNP TSHOOT exam.

Show Processes CPU

One of the most basic commands to run on a Cisco device is show processes cpu. In its full view the command will show all of the active processes on a device and how much of the processor time the process is taking both currently and historically. Figure 1 below shows a shortened version of the command:

Cisco IOS Show Processes CPU

This command would typically be used when troubleshooting a problem with a device that is having trouble performing basic functions; for example if a router is having trouble forwarding and routing packets without loss.

Show Memory

Another command that is commonly in conjunction with the show processes cpu is the show memory command. This command is used to display the current status used and available memory; as with the show processes cpu command the show memory command also displays much more specific information about how memory is being allocated, however the initial information is often enough to get an idea of whether the problem happening is memory related. Figure 2 below shows a shortened version of the command:

Cisco IOS Show Memory

Figure 2 – show memory

Show IP Interfaces Brief

One of the most commonly used commands overall is the show ip interfaces brief command. As shown in Figure 3, this command is very helpful as it displays the interface, its associated IP address and its current status.

Cisco IOS show IP interfaces brief

This is one of the commands that offers a concise output that enables the engineer the ability to map out their environment quickly. Another common version of this command can be used to display only those interfaces that have currently assigned IP addresses, this is shown in Figure 4:

Cisco IOS show ip interfaces brief | exclude unassigned IP's

Show IP Route

The show ip route command is another often used command on Cisco IOS devices; it is used to display the contents of the current IP (IPv4) routing table. Obviously, when working on a Cisco router the contents of the routing table are a central part of the device operations, if information within the routing table is incorrect it can quickly lead an engineer in a direction to solve a problem. Figure 5 below shows the command:

Cisco IOS show IP route

Ping

Another very common tool is the ping command, obviously this is a command/tool that is not limited to Cisco IOS but can be used for a variety of different troubleshooting situations on Cisco devices. At its most simple, the ping command is used to send 5 100-byte ICMP echo packets to a specific destination; but the Cisco IOS extended ping command can do a number of different things that allow allot of troubleshooting flexibility. Some of these abilities include altering the ICMP source interface, packet size, packets sent, pattern sent, do not fragment bit, among others. Figure 6 shows an example of an extended ping:

Cisco IOS Ping

Traceroute

On the same track as the ping command above the traceroute command is a very basic command that can be very versatile and used in a number of different troubleshooting scenarios. At its most basic the traceroute command is used to trace the route that a packet takes from a source to destination, included with this information is an output of response times between the source and each intermediate device. One often unknown piece of information is that the traceroute command does not work exactly like the tracert command that is used on Microsoft devices; Cisco’s traceroute command uses UDP to trace the route from source to destination, often this is done with other implementations using an ICMP packet. This can be an advantage in many ways because many networks automatically drop ICMP echo packets because they are commonly used in Denial of Service (DoS) attacks. Like the ping command the traceroute command can be configured with a number of different extended parameters including source interface, timeout, number of probes per device hop and UDP port number among others. Figure 7 below shows an example of the traceroute command:

Cisco IOS Traceroute