TSHOOT Strategie notes
– Follow the path
– divide and conquer
– Move the problem
– Bottom up
– Top down
After watching Kevin Wallace Bull’s Eye videos and INE Tshoot Exam Demo video, the best method is to use a combination of Divide and Conquer-Bottom up/Top Down-Follow the path. There’s not really one single method that will lead to finding where the problem lies.
This is a collection of possible troubleshooting tips I collected over my studies. They are organized by OSI layer:
– interface is down? admin down?
– interfaces along layer2 path: down?
– cable is in place? (not for Tshoot exam)
– Portchannel is up?down? admin down?
– Etherchannel member ports are all up? is one member port down?
– Spanning-tree running on the vlan/the interface?
– Spanning-tree is blocking the interface/the vlan?
– vlan exists on switch?
– port in correct mode (trunk/access)?
– trunk interface exists?
– vlan is allowed on trunk?
– Etherchannel member ports have same config?
– Etherchannel vlan mask is the same as member ports?
– Etherchannel, on both ends, has same vlan mask? is trunking on both sides?
– Frame-relay mapping exists?
– for IPv6: frame-relay is done with link-local addresses?
– client has correct ip address? correct subnet mask and gateway?
– Duplicate IP address? duplicate IPv6 address?
– Static routes misconfigured?
– IPv6 enabled globally?
– routing enabled on router/L3switch?
– ip address on interface exists? wrong subnet?
– OSPF/EIGRP neighborship up? is there passive-interface?
– OSPF network type on interfaces match? beware of default OSPF network interface types
– Frame-relay mapping contain broadcast keyword?
– OSPF Hello&Dead timers match?
– OSPF authentication implemented?
– OSPF authentication type match?
– OSPF authentication keys/key-strings match?
– OSPF/EIGRP advertises default route?
– OSPF network statement correct?
– OSPF area numbers match?
– OSPF area types match?
– OSPF into EIGRP: metric defined?
– Route redistribution: distribute-list prevents correct route injection? misconfigred route-map?
– Vlan access-map blocks traffic?
– Router ACL blocks traffic? misconfigred? placed under wrong interface?
– HSRP group has correct vIP? has correct priority? has preemption?
– HSRP object tracking (and interface tracking): decrement value is correct?
– DHCP service exists?
– DHCP pool correct?
– DHCP excluded-addresses correct?
– DHCP ip helper-address exists? on the right vlan?
– NAT access-list matches correct traffic to be translated?
– NAT inside/outside interface placement?
– NAT pool of global inside addresses correct?
– Old NAT translation entries still exist?
– GRE tunnel up on both sides?
– GRE tunnel mode matches on both sides?
– GRE tunnel interfaces reach each other? –> IPv4 network (GRE transport protocol) is correct?
– BGP neighbor statement correct?
– BGP source IP of update packets reachable?
– BGP network statement: matches ip route in RIB?
– BGP authentication: same type? same digest?