Summary
Yesterday, four of the eight systems (connected to same VLAN, identical ethernet adapter settings) were able to ping tweakers.net. Today, another system is not able to ping the internet anymore.
As the system site has been investigated extensively, the Cisco switch is perhaps suspected and has been analyzed as well (see Switch analysis section of the question), but the issue persists.
Current situation: this Q&A regarding packet sniffing is read
Question: Which further steps can be done to debug while some systems can ping the internet and others not while ethernet adapters are identical and these are connected to the same VLAN?
Switch Analysis
ARP
Switch>sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.10.10.2 147 Y ARPA VlanNum
MAC-Address table
Switch>sh mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
Num Y DYNAMIC Gi0/Z
VLAN
Switch>sh vl
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active
Num VLAN0Num active Gi0/Z
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet ... 1500 - - - - - 0 0
Num enet ... 1500 - - - - - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Running-config
Switch>sh run
interface GigabitEthernet0/Z
switchport access vlan Num
switchport mode access
switchport nonegotiate
!
IP Interfaces
Switch>sh ip int br
Interface IP-Address OK? Method Status Protocol
Vlan1 X YES NVRAM up up
VlanNum 10.10.10.1 YES NVRAM up up
GigabitEthernet0/Z unassigned YES unset up up
Interface
Switch>show interface Gi0/Z
GigabitEthernet0/Z is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is MAC (bia MAC)
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 669
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 248000 bits/sec, 34 packets/sec
5 minute output rate 516000 bits/sec, 51 packets/sec
6069964 packets input, 2943921646 bytes, 0 no buffer
Received 99 broadcasts (56 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 56 multicast, 88133 pause input
0 input packets with dribble condition detected
8562995 packets output, 4951152227 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
Best Answer
if you want to capture packages and analyze them with a packet sniffer (e.g. wireshark) the correct search term for Cisco IOS is SPAN (Switched Port Analyzer). See this documentation from Cisco.
Regarding your problem: I don't think that you'll find anything in the logs.
I would start checking if the port System1 is connected to is still active an really still accessing the right vlan. (show run)
sh ip int brief and show interface would be my first choices. Check if there are any error counters > 0.
There may also be some issues on the system itself. Check ip settings, proxy, DNS, ... (again). Ping the default gateway and system 2 and check if arp resolution is working.