Please enable JavaScript.
Coggle requires JavaScript to display documents.
Module 12: Network Troubleshooting, image, image - Coggle Diagram
Module 12: Network Troubleshooting
12.1.1 Documentation Overview
Common network documentation includes the following:
Physical and logical network topology diagrams
Network device documentation that records all pertinent device information
Network performance baseline documentation
12.1.2 Network Topology Diagrams
Network topology diagrams keep track of the location, function, and status of devices on the network. There are two types of network topology diagrams: the physical topology and the logical topology.
12.1.3 Network Device Documentation
Network device documentation should contain accurate, up-to-date records of the network hardware and software. Documentation should include all pertinent information about the network devices.
12.1.4 Establish a Network Baseline
A network baseline should answer the following questions:
How does the network perform during a normal or average day?
Where are the most errors occurring?
What part of the network is most heavily used?
What part of the network is least used?
Which devices should be monitored and what alert thresholds should be set?
Can the network meet the identified policies?
Measuring the initial performance and availability of critical network devices and links allows a network administrator to determine the difference between abnormal behavior and proper network performance, as the network grows, or traffic patterns change. The baseline also provides insight into whether the current network design can meet business requirements. Without a baseline, no standard exists to measure the optimum nature of network traffic and congestion levels.
12.1.5 Step 1 - Determine What Types of Data to Collect
When conducting the initial baseline, start by selecting a few variables that represent the defined policies. If too many data points are selected, the amount of data can be overwhelming
12.1.6 Step 2 - Identify Devices and Ports of Interest
Use the network topology to identify those devices and ports for which performance data should be measured. Devices and ports of interest include the following:
Network device ports that connect to other network devices
Servers
Key users
Anything else considered critical to operations
12.1.7 Step 3 - Determine the Baseline Duration
12.1.8 Data Measurement
12.2 Troubleshooting Process
12.2.1 General Troubleshooting Procedures
Troubleshooting can be time consuming because networks differ, problems differ, and troubleshooting experience varies. However, experienced administrators know that using a structured troubleshooting method will shorten overall troubleshooting time.
Therefore, the troubleshooting process should be guided by structured methods. This requires well defined and documented troubleshooting procedures to minimize wasted time associated with erratic hit-and-miss troubleshooting. However, these methods are not static.
12.2.2 Seven-Step Troubleshooting Process
12.2.3 Question End Users
The following recommendations should be employed when communicate with user:
Speak at a technical level they can understand and avoid using complex terminology.
Always listen or read carefully what the user is saying. Taking notes can be helpful when documenting a complex problem.
Always be considerate and empathize with users while letting them know you will help them solve their problem. Users reporting a problem may be under stress and anxious to resolve the problem as quickly as possible.
12.2.4 Gather Information
12.2.5 Troubleshooting with Layered Models
12.2.6 Structured Troubleshooting Methods
12.2.7 Guidelines for Selecting a Troubleshooting Method
12.3 Troubleshooting Tools
12.3.1 Software Troubleshooting Tools
12.3.2 Protocol Analyzers
12.3.3 Hardware Troubleshooting Tools
12.4.1 Physical Layer Troubleshooting
12.4.1 Physical Layer Troubleshooting
12.4.2 Data Link Layer Troubleshooting
12.4.3 Network Layer Troubleshooting
12.4.4 Transport Layer Troubleshooting - ACLs
12.4.5 Transport Layer Troubleshooting - NAT for IPv4
12.4.6 Application Layer Troubleshooting
12.5 Troubleshooting IP Connectivity
12.5.1 Components of Troubleshooting End-to-End Connectivity
The figure shows the topology of this network. PC1 uses SLAAC with EUI-64 to create its IPv6 global unicast address. EUI-64 creates the Interface ID using the Ethernet MAC address, inserting FFFE in the middle, and flipping the seventh bit.
When there is no end-to-end connectivity, and the administrator chooses to troubleshoot with a bottom-up approach, the following are common steps the administrator can take:
Step 1. Check physical connectivity at the point where network communication stops. This includes cables and hardware. The problem might be with a faulty cable or interface, or involve misconfigured or faulty hardware.
Step 2. Check for duplex mismatches.
Step 3. Check data link and network layer addressing on the local network. This includes IPv4 ARP tables, IPv6 neighbor tables, MAC address tables, and VLAN assignments.
Step 4. Verify that the default gateway is correct.
Step 5. Ensure that devices are determining the correct path from the source to the destination. Manipulate the routing information if necessary.
Step 6. Verify the transport layer is functioning properly. Telnet can also be used to test transport layer connections from the command line.
Step 7. Verify that there are no ACLs blocking traffic.
Step 8. Ensure that DNS settings are correct. There should be a DNS server that is accessible.
12.5.2 End-to-End Connectivity Problem Initiates Troubleshooting
12.5.3 Step 1 - Verify the Physical LayerAll network devices are specialized computer systems. At a minimum, these devices consist of a CPU, RAM, and storage space, allowing the device to boot and run the operating system and interfaces.
12.5.4 Step 2 - Check for Duplex MismatchesAnother common cause for interface errors is a mismatched duplex mode between two ends of an Ethernet link. In many Ethernet-based networks, point-to-point connections are now the norm, and the use of hubs and the associated half-duplex operation is becoming less common. This means that most Ethernet links today operate in full-duplex mode, and while collisions were normal for an Ethernet link, collisions today often indicate that duplex negotiation has failed, or the link is not operating in the correct duplex mode.
12.5.5 Step 3 - Verify Addressing on the Local NetworkWhen troubleshooting end-to-end connectivity, it is useful to verify mappings between destination IP addresses and Layer 2 Ethernet addresses on individual segments. In IPv4, this functionality is provided by ARP. In IPv6, the ARP functionality is replaced by the neighbor discovery process and ICMPv6. The neighbor table caches IPv6 addresses and their resolved Ethernet physical (MAC) addresses.
12.5.6 Troubleshoot VLAN Assignment ExampleAnother issue to consider when troubleshooting end-to-end connectivity is VLAN assignment. In the switched network, each port in a switch belongs to a VLAN. Each VLAN is considered a separate logical network, and packets destined for stations that do not belong to the VLAN must be forwarded through a device that supports routing. If a host in one VLAN sends a broadcast Ethernet frame, such as an ARP request, all hosts in the same VLAN receive the frame
12.5.7 Step 4 - Verify Default Gateway
If there is no detailed route on the router, or if the host is configured with the wrong default gateway, then communication between two endpoints in different networks does not work
12.5.9 Step 5 - Verify Correct Path
12.5.10 Step 6 - Verify the Transport Layer
If the network layer appears to be functioning as expected, but users are still unable to access resources, then the network administrator must begin troubleshooting the upper layers. Two of the most common issues that affect transport layer connectivity include ACL configurations and NAT configurations. A common tool for testing transport layer functionality is the Telnet utility
12.5.11 Step 7 - Verify ACLs
On routers, there may be ACLs that prohibit protocols from passing through the interface in the inbound or outbound direction.
Use the show ip access-lists command to display the contents of all IPv4 ACLs and the show ipv6 access-list command to display the contents of all IPv6 ACLs configured on a router.
12.5.12 Step 8 - Verify DNS
The DNS protocol controls the DNS, a distributed database with which you can map hostnames to IP addresses. When you configure DNS on the device, you can substitute the hostname for the IP address with all IP commands, such as ping or telnet.
To display the DNS configuration information on the switch or router, use the show running-config command.
