Please enable JavaScript.
Coggle requires JavaScript to display documents.
Troubleshooting Networks (Network Issues (MTU
Maximum Transmission Unit
…
Troubleshooting Networks
Network Issues
MTU
Maximum Transmission Unit
Ethernet packet is 1500 bytes
DSL carriers MTU 1400 bytes
MTU Black Holes
Path MTU Discovery (PMTU), determine the best MTU setting automatically,
PMTU runs under ICMP
Most routers have firewalls that block ICMP
NIC Teaming Misconfiguration
Link Aggregation Control Protocol (LACP)
Two NICS can be active or passive
Passive listens and Active initiaites
Passive passive will not work
Discovering Neighboring Devices/Nodes
If comp fails to discover devices, this might be the dhcp or dns
-
Incorrect Interface/Misconfigured Interface
NAT rules take precedence over an appliance’s routing table entries.
End-to-end connectivity
Connecting users with essential resources within a smaller network, such as a LAN or a private WAN
Make sure proper ports are open, make sure users have right permissions nd ACL are setup correctly
Speed Mismatch
link will not come up
Duplex Mismatch
link will come up but the connection will be erratic
-
Swtiching Loops
when you connect and configure multiple switches together in such a way that causes a circular path to appear
Spanning Tree Protocol makes this rare
Incorrect IP Configuration/Gateway
Go into the network configuration for the device and put in correct numbers
Broadcast Storms
result of one or more devices sending a nonstop flurry of broadcast frames on the network. Every comp on broadcast domain can't connect to ntwk
Unplug devices until you find the one flooding ntwk
Try packet analyzer
-
-
Misconfigured DNS
ping a file server by IP address but not by name, this points to DNS issues
Simultaneous Wired/Wireless Connections
NIC cannot use wireless/wired connections at same time
Must configure one as default
-
-
Missing IP Routes
access control list (ACL) might block or allow access to network resources for nodes that shouldn’t have it.
-
Security Issues
AAA
Failing to give the switch proper security policies on the server
In this case, the switch won’t be allowed to do its job.
Failing to point the switch to the correct RADIUS/TACACS+ server
You need to give the switch the right IP address. It’s a simple issue, but one that often happens.
Improperly configuring the correct authentication method for the switch
If you configure the switch for EAP-PEAP and the server is expecting EAP-TLS, it won’t work properly. If you want to use a certificate-based authentication, you’ll need a valid certificate that the server can use.
-
User Issues
-
Tight Control of User Accounts
Unauthorized access
means a person does something beyond his or her authority.
Improper access
occurs when a user who shouldn’t have access gains access through some means.
Trusted Users
account that has been granted admin rights
Untrusted Users
account that has been granted no administrative powers.
-
ICMP Issues
-
Ping of Death
malformed ping packet that was too large for the protocol to handle and would therefore crash the software system of the computer
-
Unpatched Firmware/OS
Test patch before rolling out to entire ntwk
If legacy sys cannot be updated, put them behind some firewall
-
Banner Grabbing
probe a host’s open ports to learn details about running services
Mal user can send invalid request to port 80 and learn about computer's software based on error message
OUI
organizationally unique identifier
By issuing certain ICMP messages malicious user can collect all of the OUI numbers nodes attached to a network
Can then lookup manufactures for vulnerabilities
ARP Issues
ARP enables any device at any time to announce its MAC address without first getting a request
device can just declare itself to be a “router.”
-
-
WAN Issues
Loss of Internet Connectivity
computer needs a legitimate IP address, subnet mask, default gateway, and DNS address
Physical Issues
Interface Errors
Check all cabling between client and demark before calling ISP
Check NIC by running loopback test with loopback plug
-
-
-
Configuration Issues
-
DNS Issues
1) ISP DNS Server can fail
2) ISP DNS servers use "DNS Helpers" that redirect you to ads when the wrong URL is entered.
Use fast public DNS
Google: 8.8.8.8 as primary or backup DNS
Split Horizon
When a router learns a route through 1 Interface, it will not communicate that route on the same interface
Router Configurations
tracert/traceroute
Run traceroute to your default gateway. If that fails, you know you have a local issue and can potentially do something about it.
Missing Routes
misconfigured router as a default gateway is either not able to get packets out or not able to get packets in
-
-
Wireless Issues
-
-
Signal Issues
Environmental Factors
150 or 300 ft is in ideal situations
Watch out for dead spots caused by concrete walls, metal and RF blocking window film
Relocate WAPs to fix
Interference
(RMI) Radio frequency interference
Scan for RF sources using scanner/analyzer
Measure in (SNR) Singal to Noise Ratio
-
-
-
Overlapping Channels
Aim for 1, 6, 11
Consecutive channels have overlap
Signal Loss
lack enough signal power:
1.get closer to the WAP
- avoid dead spots
3.turn up the power
4.use a better antenna
5.upgrade to a newer 802.11 version (such as 802.11n or 802.11ac) with features that enable power to be used more efficiently.
Power Levels
Easy to adjust,
most WAP are set at low power by default
-
Configuration
(MIMO) multiple in/multiple out
enables devices to make multiple simultaneous connections called streams.
Channel bonding to increase throughout
AP Configuration
Config channel and frequency of WAP
2.4 v 5
1,6,11
-
-
Wrong Encryption
- Wrong encryption configured
- Entered incorrect passowrd
Thin/Thick Client
Thick - Access WAP directly with own interface
Thin - Configured by wireless controller
Lightweight Access Point Protocol (LWAPP)
Enables interoperability
Most WAPs will accept commands from any wireless controller
Cable Issues
-
Fiber Issues :
-
-
Bend Radius
bend a fiber-optic cable too much, you get light leakage
SFP/GBIC Transceiver Problems-Cable Mismatch
Watch our for multimode vs single mode mismatch
Just because a connector fits does not mean that it will work
Cable Failures
Distance Limitations
check the coupler if one is used to extend a cable run
They are plastic and easily broken
-
-
-
Crosstalk
electrical signal bleeds from one wire pair to another
poor crimping
Near-End Crosstalk (NEXT)
connected on the same end of the cable as the end emanating the signal
listens on the other three pairs and measures the amount of interference.
Far-End Crosstalk (FEXT)
sending the signal down one pair of wires, but this time listening on the other three pairs on the far end of the connection
Distance Limitation
100-meter distance limitation of UTP-based networks is inadequate for networks covering large buildings or campuses
-
-
Tools
Hardware Tools
-
-
Light Meter
Check fiber for dust, poor connections, and light leakage
-
Cable Testers
AKA continuity testers
Test for shorts, broken/shorts
time-domain reflectometer (TDR)
Tells length of cable and where break/short is
Optical Time domain reflectormeter(OTDR) for fiber
-
Software Tools
Software/Web Tools
-
Protocol Analyzer
Lets you look at protocols running at different levels of network
helps you determine slowdowns on a network by giving you an idea of excess or unexpected traffic
Looking Glass Sites
Runs diag from outside of the network
ping, traceroute, etc
Wifi Analyzer
documents all existing wireless networks in the area
Handheld tool or software on laptop
COMMAND Tools
arp
helps diagnose problems associated with the Address Resolution Protocol (ARP). CompTIA refers to the output of the arp command as the MAC address lookup table, while most folks would just call it the arp cache or arp table.
-
-
-
ipconfig and ifconfig
ifconfig The ifconfig command displays or sets settings on a network card on a UNIX/Linux/OS X system.
• ifconfig Displays the network card and IP settings
• ifconfig eth0 up Enables the first Ethernet card
• ifconfig eth0 down Disables the Ethernet card
ipconfig The ipconfig command is used i*n Windows to display the IP address information of the system.
• ipconfig /all Displays all TCP/IP settings and the MAC address
• ipconfig /displaydns Displays the DNS resolver cache
• ipconfig /flushdns Clears out the DNS resolver cache
-
netstat
enables a network tech to examine network statistics about a system
Listening ports or established connections
-
-
-
-
-
-
-
-
-
-
-interval
Redisplays selected stats, pausing interval seconds between each display
-