A router interface shows status "up/down". What is the most likely cause?

There is an encapsulation or protocol mismatch at Layer 2. An interface status of "up/down" means Layer 1 (physical) is up but Layer 2 (data link protocol) is down. This is typically caused by an encapsulation mismatch, keepalive failure, or clocking issue on serial interfaces. "administratively down/down" means shutdown was entered, and "down/down" usually means a physical cable issue.

You can ping a host from the router but cannot ping a remote server. The routing table shows no route to the server network. What should you do?

Add a route (static or dynamic) to the server network. If the routing table has no route to the destination network, you need to add one. This can be a static route (ip route) or configure a dynamic routing protocol (OSPF) to learn the route. Without a route, the router drops packets destined for that network and sends ICMP Destination Unreachable.

Which command shows a quick summary of all interfaces, their IP addresses, and their up/down status?

show ip interface brief. "show ip interface brief" provides a concise summary showing each interface name, IP address, OK? status, method (DHCP/manual), protocol status, and line status. It is the most efficient command for quickly checking interface status. "show interfaces" provides much more detail but is harder to scan quickly.

Troubleshooting IP Connectivity

Troubleshooting is a critical skill for the CCNA exam. You must be able to systematically identify and resolve network connectivity issues.

Structured Troubleshooting Approach

Bottom-Up (Layer 1 → Layer 7)

Layer 1 (Physical):

Is the cable connected? Check link lights.
Is the interface up/up? (show ip interface brief)
Speed/duplex mismatch? (show interfaces)
CRC errors, input/output errors? (show interfaces)

Layer 2 (Data Link):

Is the MAC address in the switch's MAC table? (show mac address-table)
Is the port in the correct VLAN? (show vlan brief)
Is the trunk working? (show interfaces trunk)
STP blocking the port? (show spanning-tree)
Is ARP resolving? (show ip arp)

Layer 3 (Network):

Is the IP address correct? (show ip interface brief)
Is the subnet mask correct?
Is there a route to the destination? (show ip route)
Is the default gateway reachable? (ping)
ACL blocking traffic? (show access-lists)
NAT working? (show ip nat translations)

Essential Troubleshooting Commands

Command	What It Shows
`show ip interface brief`	Interface status and IP addresses (quick summary)
`show interfaces`	Detailed interface stats, errors, speed/duplex
`show ip route`	Routing table
`show ip arp`	ARP cache (IP to MAC mappings)
`show mac address-table`	Switch MAC address table
`show vlan brief`	VLAN port assignments
`show cdp neighbors`	Directly connected Cisco devices
`show ip ospf neighbor`	OSPF neighbor adjacencies
`show access-lists`	ACL rules and match counts
`ping <ip>`	Test Layer 3 reachability
`traceroute <ip>`	Show hop-by-hop path to destination

Interface Status Combinations

Status	Meaning	Likely Cause
up/up	Interface is operational	Normal
up/down	Layer 1 up, Layer 2 down	Encapsulation mismatch, keepalive failure
down/down	Interface is down	No cable, bad cable, remote side shut down
administratively down/down	Interface has been shut down	`shutdown` command was entered

Common Connectivity Problems and Solutions

Symptom	Possible Cause	Verification Command	Fix
Can't ping default gateway	Wrong IP/mask, interface down	`show ip interface brief`	Fix IP, `no shutdown`
Can ping gateway, can't ping remote host	Missing route	`show ip route`	Add static route or fix OSPF
Intermittent connectivity	Duplex mismatch	`show interfaces` (check errors)	Set both sides to auto or full
One VLAN works, another doesn't	Trunk not allowing VLAN	`show interfaces trunk`	Add VLAN to allowed list
OSPF neighbor not forming	Timer mismatch, passive interface, area mismatch	`show ip ospf neighbor`, `show ip ospf interface`	Match timers, remove passive, fix area

Ping Extended Options

Router# ping
Protocol [ip]:
Target IP address: 10.1.1.1
Repeat count [5]: 100
Datagram size [100]: 1500
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 192.168.10.1    ! Specify source IP

Specifying a source address is critical when testing routing—the return traffic must have a route back to your source address.

On the Exam: Always think about BOTH directions of traffic. If Router A can reach Router B, but Router B doesn't have a return route to the source, the ping will fail. This is one of the most common troubleshooting scenarios.

Cisco Certified Network Associate

3.7 Troubleshooting IP Connectivity

Key Takeaways

Troubleshooting IP Connectivity

Structured Troubleshooting Approach

Bottom-Up (Layer 1 → Layer 7)

Essential Troubleshooting Commands

Interface Status Combinations

Common Connectivity Problems and Solutions

Ping Extended Options

Cisco Certified Network Associate

1Introduction

2Chapter 1: Network Fundamentals (20%)

3Chapter 2: Network Access (20%)

4Chapter 3: IP Connectivity (25%)

5Chapter 4: IP Services (10%)

6Chapter 5: Security Fundamentals (15%)

7Chapter 6: Automation and Programmability (10%)

3.7 Troubleshooting IP Connectivity

Key Takeaways

Troubleshooting IP Connectivity

Structured Troubleshooting Approach

Bottom-Up (Layer 1 → Layer 7)

Essential Troubleshooting Commands

Interface Status Combinations

Common Connectivity Problems and Solutions

Ping Extended Options