Skip to main content

common Switch troubleshooting commands

common Switch troubleshooting commands

For CPU related issues:
Show process cpu sorted
Show process cpu history
Show platform port-asic stats drop
Show controllers cpu-interface
Debug platform cpu-queues
Show plat for ip

For memory issues
Show memory statistics
Show process memory sorted
Show buffers

For link issues
Show interface status | inc connected
Test cable-diagnostics tdr interface <>
Show cable-diagnostic tdr interface <>
Show interface <>
Show interface <> counters
Show interface <> counters errors
Show interface counter errors
Show controller Ethernet-controller <>
Show platform pm if-numbers
Show controllers Ethernet-controller port-asic statistics
Show platform port-asic stats drop <>

Layer 2 forwarding issues
Show interface <> status
Show spanning-tree interface <>
Show interface <> counter
Show mac address-table interface <>
Show mac address-table dynamic address <>
Show spanning-tree vlan <>
Show interface status error-disabled
Show interface <> counter error
Show platform forward
Show spanning-tree vlan <> detail

Layer 3 IP Unicast issues:
Ping
Sh ip arp vlan
Show mac address-table address
Show ip route
Show ip arp
Show platform forward ip

QOS issues:
Show mls qos interface <> stats
Show mls qos map dscp-output-q
Show platform port-asic stats drop
Show mls qos queue-set
Show mls qos maps dscp-output-q
Mls qos queue-set output <> threshold

TCAM issues:
Show platform tcam utilization
Show platform acl oacltcamfull
Show platform acl label <> detail
Show sdm prefer

Stacking issues:
Show switch {detail}
Show platform stack manager
Show switch stack-ring <>
Show controllers utilization
Show switch stack-ports summary
Labels:

Comments

Post a Comment

Popular posts from this blog

How to modify SSH/HTTP/Telnet time out in Cisco ASA firewall?

How to modify SSH/HTTP/Telnet time out in Cisco ASA firewall? By default tcp idle timeout is 1:0:0 hh:mm:ss. If in case you need to modify it you can do it by MPF (Modular Policy Framework). Let us setup a custom timeout when traffic is coming from particular host 10.77.241.129. !— Match the traffic using the access-list —! object-group service DM_INLINE_TCP_1 tcp port-object eq www port-object eq ssh port-object eq telnet access-list outside_mpc extended permit tcp host 10.77.241.129 <source ip> any object-group DM_INLINE_TCP_1 !— Define the class map Cisco-class –! class-map Cisco-class match access-list outside_mpc !— Call this class-map into policy map and set the connection reset after 10 min when traffic is coming from particular host —! policy-map Cisco-policy class Cisco-class set connection timeout idle 0:10:00 reset !— Apply the policy-map Cisco-policy on the interface. —! service-policy Cisco-p...
Post a Comment
Read more

CLI Commands for Troubleshooting FortiGate Firewalls

CLI Commands for Troubleshooting FortiGate Firewalls 2015-12-21 Fortinet , Memorandum , Network Cheat Sheet , CLI , FortiGate , Fortinet , Quick Reference , SCP , Troubleshooting Johannes Weber This blog post is a list of common troubleshooting commands I am using on the FortiGate CLI . It is not complete nor very detailled, but provides the basic commands for troubleshooting network related issues that are not resolvable via the GUI. I am not focused on too many memory, process, kernel, etc. details. These must only be used if there are really specific problems. I am more focused on the general troubleshooting stuff. I am using it personally as a cheat sheet / quick reference and will update it from time to time. Coming from Cisco, everything is “show”. With Fortinet you have the choice confusion between show | get | diagnose | execute . Not that easy to remember. It is “ get router info6 routing-table” to show the routing table but “ diagn...
Post a Comment
Read more

Checkpoint firewall common commands part 2

Checkpoint firewall common commands part 2 For basic firewall informaton gathering: fgate stat -Status and statistics of Flood-Gate-1. fwaccel <stat|stats|conns>  – View status, statistics or connection table of SecureXL. fw getifs -Show list of configured interfaces with IP and netmask. cpstat <app_flag> [-f flavour] -View OS, HW and CP application status. Issue cpstat without any options to see all possible application flags <app_flag> and corresponding flavours. Examples: cpstat fw -f policy – verbose policy info cpstat os -f cpu – CPU utilization statistics cpinfo -y all   -List all installed patches and hotfixes. cpd_sched_config print -Show task scheduled with CPD scheduler. enabled_blades -View enabled software blades avsu_client [-app <app>]   , get_version <app>  -Get signature version and status of content security .Without the -app option “Anti Virus” is used. show co...
Post a Comment
Read more