network troubleshooting
TRANSCRIPT
Confidential
Network+
Troubleshooting Network Procedures, Tools and Scenarios
2Confidential
Objectives
Describe the steps involved in an effective troubleshooting
methodology
Follow a systematic troubleshooting process to identify and resolve
networking problems
Document symptoms, solutions, and results when troubleshooting
network problems
Use a variety of software and hardware tools to diagnose problems
3Confidential
Troubleshooting Methodology
Steps for troubleshooting network problems:
Identify symptoms and potential causes
Identify affected area
Establish what has changed
Select most probable cause
Verify user competency
Re-create problem
Verify physical integrity of network connection
Verify logical integrity of network connection
4Confidential
Troubleshooting Methodology (continued)
Steps for troubleshooting network problems (continued):
Implement an action plan and solution and be prepared for all potential
effects
Test the result
Identify results and effects of solution
Document solution and process
5Confidential
Identify the Symptoms and Potential Causes
Questions that may help identify non-obvious symptoms: Access to network affected? Network performance affected? Data and/or programs affected? Only certain network services affected? Problems include local application, networked application, or multiple
networked applications? Specific error messages reported? One user or multiple users affected? Symptoms manifested consistently?
6Confidential
Identify the Affected Area
Figure : Identifying the area affected by a problem
7Confidential
Identify the Affected Area (continued)
Figure (continued): Identifying the area affected by a problem
8Confidential
Identify the Affected Area (continued)
Figure : Identifying the chronological scope of a problem
9Confidential
Identify the Affected Area (continued)
Figure (continued): Identifying the chronological scope of a problem
10Confidential
Establish What Has Changed
Questions to help pinpoint problems resulting from a network
change:
OS or configuration on a server, workstation, or connectivity device
changed?
New components added to server, workstation, or connectivity device?
Old components removed from server, workstation, or connectivity
device?
New users or segments added to the network?
Server, workstation, or connectivity device moved from previous location
to new location?
11Confidential
Establish What Has Changed (continued)
Questions to help pinpoint problems resulting from a network
change (continued):
Was a server, workstation, or connectivity device replaced?
Was new software installed on a server, workstation, or connectivity
device?
Was old software removed from a server, workstation, or connectivity
device?
12Confidential
Establish What Has Changed (continued)
Two ways to react to problems caused by network changes:
Attempt to correct problem
Attempt to reverse change and restore hardware or software to previous
state
Complete network change records should be kept
Make available to staff members
13Confidential
Select the Most Probable Cause: Verify User Competency
Ensure that human error is not source of problem
Problems caused by human error usually simple to solve
Best way to verify that a user is performing network tasks correctly
is to watch them
14Confidential
Re-create the Problem
Try to reproduce symptoms both while logged on as the user who reported the problem and while logged on under a privileged account
Questions to help determine whether a problem’s symptoms are truly reproducible: Make symptoms recur every time? Make symptoms recur some of the time? Symptoms happen only under certain circumstances? Symptoms consistent no matter how many and which programs or files
user has open?
15Confidential
Verify Physical Connectivity
Many network problems occur at Physical layer
Symptoms of Physical Layer problems: continuous or intermittent
inability to connect to network and perform network related functions
Possible causes of Physical Layer problems:
Segment or network lengths exceeding IEEE maximum standards
Noise affecting wireless or wire-bound signal
Improper terminations, faulty connectors, loose connectors, or poorly
crimped connections
Damaged cables
Faulty NICs
16Confidential
Verify Physical Connectivity (continued)
Diagnosing Physical Layer problems:
Device turned on?
NIC properly inserted?
For wireless NICs, antenna turned on?
Device’s network cable properly connected to both NIC and wall jack?
Patch cables properly connect punch-down blocks to patch panels and
patch panels to hubs or switches?
17Confidential
Verify Physical Connectivity (continued)
Diagnosing Physical Layer problems (continued):
Hub, router, or switch properly connected to backbone?
Cables in good condition?
Connectors in good condition and properly seated?
Network lengths conform to IEEE 802 specifications?
Devices configured properly to work with network type or speed?
18Confidential
Verify Physical Connectivity (continued)
Swapping equipment:
If you suspect problem lies with a network component, easy to test
theory by exchanging for a functional component
Cables, ports, data jacks, network adapters
Difficult to swap routers and switches
19Confidential
Verify Physical Connectivity (continued)
Figure : Verifying physical connectivity
20Confidential
Verify Physical Connectivity (continued)
Figure (continued): Verifying physical connectivity
21Confidential
Verify Logical Connectivity
Questions to help identify logical connectivity problems: Error messages reference damaged or missing files or device drivers? Error messages reference malfunctioning or insufficient resources? OS, configuration, or application been recently changed, introduced, or
deleted? Problem occurs with only one application or a few, similar applications? Problem happens consistently? Problem affects single user or one group of users?
22Confidential
Implement an Action Plan and Solution Including Potential Effects
Scope: assess scope of solution before implementing Tradeoffs: solution may restore functionality for one group of users,
but remove it for others Security: solution may inadvertently result in addition or removal of
network access or resource privileges for a user or group of users Scalability: does solution position network for additions and
enhancements later on Cost: if solution requires significant software or hardware cost,
weigh options carefully
23Confidential
Implement an Action Plan and Solution Including Potential Effects (continued)
Use vendor information: nothing to lose by referring to manual, except a little time Manuals, online information, technical support
Implement the solution: Collect all documentation about problem’s symptoms Make backups, keep old parts, print configurations Perform change, replacement, move, or addition Test solution Clean up Document solution and results Revisit problem later
24Confidential
Test the Results
Must verify that problem solved properly
Type of testing depends on solution
Depends on area affected by problem
May not be able to test solution immediately after implementing it
25Confidential
Identify the Results and Effects of the Solution
Should be able to determine how and why solution was successful
and effects on users and functionality
Want to avoid creating unintended, negative consequences as
result of solution
26Confidential
Document the Solution and Process
Always record symptoms and cause(s) of a problem and solution
Impossible to remember circumstances of each incident
Networking personnel frequently change jobs
27Confidential
Staff Involved in Troubleshooting
Many staff members may contribute to troubleshooting network
problems
Help desk analysts often first-level support
Creates record for incident and attempts to diagnose problem
Second-level support analyst has specialized knowledge in one or more
aspects of a network
Most help desks include a help desk coordinator
Ensures analysts divided into correct teams, schedules shifts, maintains
infrastructure to enable analysts to better perform their jobs
28Confidential
Record Problems and Resolutions
Call tracking system: software used for documenting problems If no call tracking system, should keep records in electronic form
Name, department, phone number of problem originator Software- or hardware-related problem? Software package or device/component to which it pertains Symptoms of problem Name/telephone number of network support contact Time spent troubleshooting Resolution
29Confidential
Notify Others of Change
Record resolution in call tracking system
Notify others of solution and what, if anything, needed to change to
fix problem
Alerts others about problem and solution
Notifies others of network changes made, in case they affect other
services
Change management system: process or program that provides
support personnel with centralized means of documenting network
changes
30Confidential
Notify Others of Change (continued)
Types of changes that network personnel should record in change
management system:
Adding or upgrading software or hardware
Changing network properties of network device
Increasing or decreasing rights for group of users
Physically moving networked devices
Moving user accounts, files, and directories
Making changes in processes
Making changes in vendor policies or relationships
31Confidential
Help to Prevent Future Problems
Not all problems are preventable, but many can be avoided
Perform regular network health checks
Even continual network monitoring
When planning or upgrading a network, think about how good
network designs and policies can prevent later problems
32Confidential
Troubleshooting Tools: Crossover Cable
Transmit and receive wire pairs in one connector are reversed
Directly interconnect two nodes without using an intervening
connectivity device
Useful for quickly and easily verifying that node’s NIC is transmitting and
receiving signals properly
33Confidential
Tone Generator and Tone Locator
Telecommunications closets often disorganized and poorly
documented
Tone generator: Issues signal on wire pair
Tone locator: Emits tone when it detects electrical activity on wire
pair
Cannot be used to determine cable characteristics
Such as whether it has defects or whether its length exceeds IEEE
standards for a certain type of network
34Confidential
Tone Generator and Tone Locator (continued)
Figure : Use of a tone generator and tone locator
35Confidential
Multimeter
Can measure many characteristics of an electric circuit, including its
resistance and voltage
Voltmeter: measures voltage of electric current
Ohmmeter: measures resistance
Every type of wire has different resistance characteristics
Impedance: resistance that contributes to controlling signal
Telltale factor for ascertaining location of faults in a cable
36Confidential
Cable Continuity Testers
Test whether cable carrying signal to destination
When used on copper-based cables, applies small voltage to each
conductor at one end of a cable
Checks whether voltage detectable at other end
Two parts:
Base unit: generates voltage
Remote unit: detects voltage
Some verify that wires in UTP or STP cables paired correctly and
are not shorted, exposed, or crossed
37Confidential
Cable Continuity Testers (continued)
Figure : Cable continuity testers
38Confidential
Cable Performance Testers
Accomplishes same continuity and fault tests as a continuity tester,
and more
Performance testers perform following tasks:
Measure distance to connectivity device, termination point, or cable fault
Measure attenuation along cable
Measure near-end crosstalk between wires
Measure termination resistance and impedance
Pass/fail ratings for CAT 3, 5, 5e, 6, or 7 standards
39Confidential
Cable Performance Testers (continued)
Performance testers perform following tasks (continued):
Store and print cable testing results or directly save data
Graphically depict cable’s attenuation and crosstalk characteristics over
length of cable
Time domain reflectometer (TDR): issues signal on cable and
measures way signal reflects
Optical time domain reflectometer (OTDR): used for fiber optic
cables
40Confidential
Cable Performance Testers (continued)
Figure : A performance tester
41Confidential
Network Monitors
Software tool that continually monitors network traffic from a server
or workstation
Typically can interpret up to Layer 3
Determines protocols passed by each frame
Can’t interpret data inside frames
Many available programs:
Microsoft Network Monitor ships with Windows Server 2003
Novell NETMON comes with NetWare 5.x and 6.x
Many others available
42Confidential
Network Monitors (continued)
Network monitoring tools perform following functions:
Continuously monitor network traffic on segment
Capture network data transmitted on segment
Capture frames sent to or from specific node
Reproduce network conditions by transmitting selected amount and type
of data
Generate statistics about network activity
43Confidential
Network Monitors (continued)
Some network monitoring tools can also:
Discover all network nodes on a segment
Establish a baseline
Record of how network operates under normal conditions, including
performance, collision rate, utilization rate, and so on
Store traffic data and generate reports
Trigger alarms when traffic conditions meet preconfigured conditions
44Confidential
Network Monitors (continued)
Data errors that can be distinguished:
Local collisions
Late collisions
Runts
Giants
Jabber
Negative frame sequence checks
Ghosts
45Confidential
Protocol Analyzers
Capture traffic and analyze frames Typically up to Layer 7 Can interpret payload portion of frames
Can generate traffic in attempt to reproduce network problem and monitor multiple network segments simultaneously
Hardware-based protocol analyzers exist Sole job is to identify and assess network problems Tailored to particular type of network
May collect more information than can be processed
46Confidential
Protocol Analyzers (continued)
Figure : Traffic displayed by protocol type
47Confidential
Wireless Network Testers
To test wireless connections, stations, or APs, need tools that contain wireless NICs and run wireless protocols
Programs exist that can scan for wireless signals over a geographical range and discover all APs and wireless stations transmitting in area Determine whether AP functioning properly Determine whether AP positioned correctly Determine whether stations and APs are communicating over proper
channels within a frequency band
48Confidential
Wireless Network Testers (continued)
Some programs can capture data transmitted between stations and
APs
Useful for troubleshooting wireless connection problems
Some programs contain a spectrum analyzer
Assess quality of wireless signal
Ascertain where noise (or interference) is greatest
49Confidential
Wireless Network Testers (continued)
Capabilities common to wireless network testers:
Identify transmitting APs and stations and channels over which they are
communicating
Measure signal strength from and determine range of AP
Indicate effects of attenuation, signal loss, and noise
Interpret signal strength information
50Confidential
Wireless Network Testers (continued)
Capabilities common to wireless network testers (continued):
Ensure proper association and reassociation when moving between
APs
Capture/interpret traffic exchanged between wireless APs and stations
Measure throughput and assess data transmission errors
Analyze the characteristics of each channel within a frequency band to
indicate the clearest channels
51Confidential
Wireless Network Testers (continued)
Figure : Wireless network testing tool
52Confidential
Summary
Key to solving network problems is to approach them methodically and logically, using your experience to inform your decisions, and knowing when to ask for someone else’s help
First step in troubleshooting is identifying the symptoms and potential causes for a problem
Second step in troubleshooting is to identify the affected area At each point in the troubleshooting process, stop to consider what
kind of changes have occurred on the network that might have created a problem
53Confidential
Summary (continued)
Based on an analysis of the symptoms and how changes might
have affected the network, select a probable cause for the problem
After you have identified the probable cause, implement an action
plan and your solution, while considering the potential effects of the
solution
After implementing your solution, test your result to ensure that you
solved the problem and haven’t created new problems
Next identify the effects and results of your solution
54Confidential
Summary (continued)
Last step in troubleshooting is to document the solution and the
process of solving the problem
A tone generator and tone locator are used to identify the
terminating location of a wire pair
A multimeter is a simple device that can measure the voltage,
resistance, impedance, and other characteristics of an electrical
circuit
Basic cable continuity testers determine whether your cabling can
provide connectivity
55Confidential
Summary (continued)
A network monitor is a software-based tool that monitors network
traffic from a server or workstation attached to the network
Protocol analyzers can typically interpret data up to Layer 7 of the
OSI Model
Wireless network testing tools can be dedicated instruments or
software that run on a workstation (usually a laptop)