5.5 - General Network Troubleshooting

¡Supera tus tareas y exámenes ahora con Quizwiz!

Low optical link budget

• Amount of loss suffered by all components along a fiber transmission path • Attenuation - Can be caused by a dirty connector • Always check with a light meter and compare results to the documentation for the network device

Troubleshooting DNS issues

• Check IP configuration - Is the DNS IP address correct? • Use nslookup or dig to test - Does resolution work? • Try a different DNS server - Google is 8.8.8.8; Quad9 is 9.9.9.9

Incorrect VLAN configurations

• Check VLAS assignments on the switch - What VLANs have been assigned to which individual interfaces • Check trunk settings - Make sure that you're including all the VLANs that need to are able to traverse that trunk

Troubleshooting duplicate IP addresses

• Check you IP address configurations • Ping an IP address before static addressing - Does it respond • Determine the IP address - Ping the address, check your ARP table; Find the MAC address in your switch MAC table • Capture the DHCP process - What DHCP servers are responding

Troubleshooting IP configurations

• Check your documentation - Confirm IP address, subnet mask, gateway, DNS settings are correct • Monitor the traffic with protocol analyzer or other monitoring tool • Check devices around you - Confirm the configurations of other devices • Traceroute and ping - Which devices can you and can't you communicate to.

Duplicate IP addresses

• Common with static address assignments • Could also happen with DHCP if using in tandem with static addressing or multiple servers • Rogue DHCP servers could also cause it • Will cause intermittent connectivity as the two addresses "fight" with each other • Usually blocked by the OS - Will check on startup and will disable itself to avoid creation of a duplicate IP address

IP configuration issues

• Communicate to local IP addresses, but no outside subnets • Or may not have IP communication at all - Local or remote • May also be intermittent connectivity or they're able to communicate to some subnets, but not others

Licensed feature issues

• Features are often individually licensed - Requires some payment • Some ports and features may become unavailable - A license key unlocks functionality • This can cause problems during an upgrade or configuration update • If rolling out some configuration changes, examine what is licensed on end user devices and make sure testing matches that licensing

Rogue DHCP server

• IP address assigned by a non-authorized server • Clients can be assigned an invalid or duplicate IP address, causing intermittent connectivity, or no connectivity at all • Enable DHCP snooping on your switch • Identify authorized DHCP servers in Active Directory • Identify and disable the rogue and renew the leases

Incorrect firewall settings

• If there are configurations that limit certain applications, port number, protocols - Applications won't work properly • Check host-based firewall settings as well - What is admin allowing or not allowing to be sent/received from those devices • Confirm the network based firewall config - Check policy list and logs • Take a packet capture - The traffic may never make it to the network or dropped by the OS

Half-duplex Ethernet

• If two devices communicate simultaneously, you have a collision

IGMP snooping

• Internet Group Management Group Protocol - Used by routers and switches to intelligently forward multicast traffic • Switches can watch (snoops) for these messages and then uses that info to make intelligent decisions on where to forward the multicast traffic

Duplicate MAC addresses

• May be an on-path attack • MAC addresses are designed to be unique • Could also simply be a mistake - Locally administered MAC address or a manufacturing error • Can cause intermittent connectivity • Confirm with a packet capture, should see ARP contention • Use the ARP command from another computer to confirm the MAC address matches the IP

Multicast flooding

• Multicast is used for one-to-many traffic flows such as live video feeds • There's no multicast destination address in the switch forwarding table so all multicast traffic is sent to every switch port - Both devices that involved in the communication and devices not involved • Each device receives the multicast traffic - Consumes unnecessary resources on the remote device; Uses bandwidth and switch processing time

Hardware failure

• No response - Application doesn't respond • Confirm connectivity - ping • Run a traceroute - See if you're being filtered • Check the server - Lights? Error Messages? Fire?

Collisions

• Normal on a half-duplex • Heavy utilization can cause excessive collisions • Most Ethernet connections are full-duplex so if there are collisions, there is a problem • Interface configuration issues - Duplex mismatch • Hardware issue - Could indicate a bad NIC or bad driver

Switching loops

• Possible if Spanning Tree Protocol is not configured

Missing route

• Route to the next destination network does not exist so the packet will be dropped • ICMP host unreachable message will be sent to the same route address - Source device will be informed of the error • Check your routes in both directions

Certificate issues

• Security alert and invalid certificates • Look at the certificate details - Click on the lock icon • May be expired or the wrong domain name • May not be properly signed (untrusted certificate authority) • Correct time and date is important

Exhausted DHCP scope

• Shortage of available IP addresses • Client receives an APIPA address and will only be able to communicate on the local subnet • Check DHCP server and add more IP addresses if possible • IP address management (IPAM) may help - Will monitor and report on IP addresses shortages • Lower the lease time - Especially if lots of people come and go from the office

NTP issues

• Some cryptography is very time sensitive • Kerberos communication uses time stamps to determine how old a ticket might be • If the timestamps are wrong on either server or client, devices simply can't login to the network • Configure NTP on all devices and confirm configurations

Troubleshooting broadcast storms

• Take a packet capture to identify the source • Research the process that's broadcasting • Separate the network into smaller broadcast domains

Broadcast storms

• The forwarding of a frame repeatedly - hundreds or thousands of times - on the same links, consuming significant parts of the links' capacities • Will cause network utilization to go to a near-maximum capacity and the CPU utilization of the switches will jump

Network performance issues

• The network is slow • Never one single performance value to look at, and is really a combination of many different metrics • Any one thing performing poorly can cause the entire device to have poor performance • Must monitor all of them to find the slowest one - Can be quite a challenge

Asymmetric routes

• Traffic that follows one path on egress (the way out) and a different path ingress (the way in), or vice versa • Can be difficult to troubleshoot if accidently created • Firewalls may drop sessions - An unexpected traffic flow is dropped by default • Traceroute can help identify • Configure firewalls to take into account the asymmetric route • Or, if it's a mistake, go to routers on inbound and outbound side to make sure they're forwarding to the right IP

DNS issues

• Web browsing doesn't work • Ping works, browser doesn't - Not a communication problem • May prevent the access of company shared drives, which are typically accessible through fully qualified domain names • Applications often use names rather than IP addresses so they may not communicate either

Routing loops

• When router A thinks the next best hop is router B, and router B thinks the next best hop is router A, creating a loop until TTL=0 and the packet is discarded • Very easy to misconfigure if managing a statically routed network • A traceroute will clearly show where this is happening • Check the routing tables in each L3 device and modify as needed


Conjuntos de estudio relacionados

Political Behavior & Beliefs Review Questions

View Set

Unit 15 - Disability Income Insurance

View Set

[UCSB] PSY 123: Cognitive Neuroscience

View Set

Chapter 26: Nursing Assessment: Renal and Urinary Tract Function

View Set