Network Troubleshooting Facts Part 2

1. The arp -d command is for deleting cache entries; by running it with the asterisk wildcard, the command deletes all of the entries in the cache. The arp -a command displays the entries in the ARP table stored in its cache, and arp -s is for adding entries. There isn't any arp -c command.
2. An optical time domain reflectometer (OTDR) is a device that transmits light pulses over a fiber optic network and measures the time interval and strength of the returning pulse to measure the length of the cable run. An OTDR can be used to locate fiber optic cable breaks as well as characterize a cable run's reflectance, optical return loss, and other characteristics. Multimeters, tone generators, and punchdown tools are devices that only work with copper.
3. The ifconfig command runs only on Unix and Linux systems. The ping and netstat utilities run on Windows and Unix/Linux systems. The ipconfig and tracert commands run only on Windows.
4. A cable certifier is the most expensive tool. It's a complex electronic device that can perform a battery of tests on a cable run, confirm that the cable conforms to the required wiring standards, and maintain records of testing procedures.
5. Fluorescent light fixtures and other devices in an office environment can generate magnetic fields, resulting in electromagnetic interference. When a copper-based cable runs too near such a device, the magnetic fields can generate an electric current on the cable that interferes with the signals exchanged by the network devices. Jitter, crosstalk, and attenuation are all conditions that can affect the performance of a wired network, but they are not directly related to a cable's proximity to light fixtures.
6. When there are no IP addresses available in a DHCP scope, Automatic Private IP Addressing (APIPA) takes over and the system self-assigns an address on the 169.254.0.0/16 network. Clients are not assigned a 0.0.0.0 address, nor are their requests forwarded to another DHCP server. Sharing IP addresses is not possible on a TCP/IP network.
7. The tcpdump utility is a command-line tool that captures network packets and displays their contents. The iptables, nmap, and pathping utilities cannot capture and analyze packets. iptables manages

Networking Troubleshooting Facts Part 3

1. A protocol analyzer copies all network traffic, interprets the protocol headers and fields, and displays the output. The Event Viewer displays system, application, and security event logs on a single computer. There isn't any tool called traffic monitor. A management console is a remote monitoring and management device that queries Simple Network Management Protocol (SNMP) agents.
2. Tcpdump, dig, iptables, and ifconfig are all tools that run on Unix/Linux systems. The route utility runs on both Linux and Windows systems.
3. Running the ping tool with the -n parameter enables you to specify the number of messages the ping tool should transmit with each execution. The -t parameter causes the ping tool to send messages to the target continuously until manually stopped. The -i parameter enables you to specify the time-to-live (TTL) value of the messages ping transmits. The -a parameter resolves the IP address you specify as the target to a hostname.
4. Attenuation is the weakening of a signal as it travels long distances, whether on a wired or wireless medium. The longer the transmission distance, the more the signal weakens. Cable length specifications are designed in part to prevent signals from attenuating to the point at which they are unviable. Jitter, crosstalk, and electromagnetic interference are all conditions that can affect the performance of a wired network, but they are not directly related to the length of the cable.
5. The 2.4 GHz band used by wireless LANs consists of channels that are 20 or 22 MHz wide. Channels 1, 6, and 11 are the only ones that don't overlap.
6. If users are losing their connections due to interference from other types of devices, changing the channel alters the frequency the network uses and can enable it to avoid the interference. The other options are not likely to affect any condition that would cause users to drop their connections.
7. Running the arp -e command on a Linux system displays the contents of the ARP cache in the format shown here. The arp -a command displays the cache using an alternative format. The arp -d command is for deleting entries and the -s command is for creating entries.
8. Using a tone generator and locator can help locate the correct cable associated with each office connection. By connecting the tone generator to one end of the cable, he can use the locator to find the other end. A cable certifier identifies a variety of cable performance characteristics, typically including the cable length, signal attenuation, and crosstalk. An optical time domain reflectometer is used for fiber optic cabling. A multimeter is a device for measuring the electric current on a copper cable.
9. The netstat utility can display the routing tables along with other types of network traffic and port information. The arp utility is for adding addresses to the ARP cache; it cannot display the routing table. The ifconfig command displays TCP/IP configuration information on Unix and Linux systems; it cannot display the routing table. Terminal is a terminal emulation program.
10. Ipconfig is a Windows command that displays a computer's current IP address and TCP/IP configuration settings, including whether the computer has obtained its address from a DHCP server. The ifconfig command displays the same information for Unix and Linux systems. Msinfo32 is a Windows program that generates a graphical display of the computer's hardware and software configuration, but not its network settings. The tracert command in Windows displays the path that packets take through the internetwork to reach a specified destination but does not display the DHCP configuration.

Network Troubleshooting Facts Part 4

1. The arp -s command enables you to create a cache record specifying the MAC address and its associated IP address. The arp -N command enables you to display the ARP cache entries for a specified network interface. The arp -d command is for deleting cache entries. The arp -a command displays the entries in the ARP table stored in a cache.
2. Any problem that affects all users on the network is a network-wide problem and should be given the highest priority.
3. If a problem lies within a specific server or other network component and prevents many users from working, it's a shared resource problem. A problem that lies within resources that provide services to the entire network is a network-wide problem. System-wide problems put a specific computer out of commission, preventing a user from getting any work done.
4. The arp -a command displays entries in the ARP table stored in its cache, the arp -d command is for deleting entries, and the arp -s command is for adding entries. The arp -c command isn't a valid command.
5. The nmap utility is capable of scanning a system for open ports that might be a security hazard. The tcpdump, dig, and iptables utilities cannot do this.
6. The nslookup utility is a command that generates DNS resource record requests and sends them to a specific DNS server.
7. The ipconfig command runs only on Windows. The ping and netstat utilities run on both Windows and Linux. The traceroute utility runs on Linux, although the Windows version is called tracert.

Network Troubleshooting Part 5

1. When establishing priorities, networkwide problems take precedence over departmental problems, and problems with shared resources take precedence over individual desktop problems.
2. A problem that affects the entire network should be given the highest priority; this includes a mission-critical backbone router. Problems that affect multiple LANs or an entire department are generally given the next highest priority. An application problem that affects a shared application server on a LAN should be given the next highest priority. A problem with a single user's computer should be given the lowest priority if the other problems have been reported.
3. The last step of the troubleshooting process is to document the solution and to explain to the user what happened and why. In reality, documentation should begin when the problem is reported, and it should be updated throughout the troubleshooting process.
4. The Windows tracert tool transmits a series of ICMP messages with incrementing time-to-live (TTL) values, which identify each router on the path the packets take through the network. Ping uses ICMP but it does not manipulate TTL values. Netstat, route, and nslookup do not use ICMP messages, nor do they manipulate TTL values when performing their functions.
5. A wire map tester consists of a main unit that connects to all 8 wires of a UTP cable at once and a loopback device that you connect to the other end, enabling you to test all the wires at once. A wire map tester can detect opens and shorts as well as transposed wires; however, it cannot detect split pairs because in that fault the pins are correctly connected.
6. The traceroute or tracert utility can locate a malfunctioning router by using echo request messages with incrementing TTL values. Ifconfig is a network configuration utility for Unix and Linux systems. Ping can test connectivity to another TCP/IP system but cannot locate a malfunctioning router, and netstat displays information about network connections but cannot locate a malfunctioning router.
7. The punchdown tool is critical to its operation: in one motion, the tool strips the insulation off the wire, presses it down into the connector, and cuts off the excess end. A wire stripper simplifies the task of preparing the cable for the connection process. A crimper is only used for attaching connectors to patch cables, and pigtail splices are only used on fiber optic networks.
8. The route print command displays both the IPv4 and IPv6 routing tables. To display only the IPv6 routing table, you add the -6 parameter to the route print command. Route list and route print are not valid commands.
9. A crimper is used to create patch cables by attaching connectors to both ends of a relatively short length of bulk cable. This tool is not capable of performing any other task.
10. Jitter is a connectivity problem on wired networks that is caused by single packets that are delayed due to network congestion, different routing, or queuing problems. When single packets in a data stream are delayed, the resulting connectivity problem is called jitter. While this condition might not cause problems for asynchronous applications such as email and instant messaging, real-time communications such as voice over IP or streaming video
11. There should be no collisions at all on a full-duplex network, so collisions indicate that at least one side of the connection is trying to operate in half-duplex mode. Ethernet running over twisted pair cable, in its original half-duplex mode, detects collisions by looking for data on the transmit and receive pins at the same time. In full-duplex mode, data is supposed to be transmitted and received at the same time. In a duplex mismatch, in which one side of a connection is configured for full duplex and the other for half duplex, the full-duplex transmissions originating from one side look like collisions to the half-duplex side. The half-duplex adapter transmits a jam signal as a result of every collision, which causes the full-duplex side to receive incomplete or damaged frames, which show up as runt frames or as cyclical redundancy check (CRC) errors. Both sides then start to retransmit frames in a continuing cycle, causing network performance to diminish. Ping tests do not detect a duplex mismatch because ping only transmits a small amount of data in one direction at one time. The mismatch only becomes apparent when the systems transmit large amounts of data.
12. The link pulse LED indicates that the adapter is connected to a functioning hub or switch. The speed LED specifies the data rate of the link. The collision LED lights up when a collision occurs. There is no status LED on a network interface adapter.
13. A split pair is a connection in which two wires are incorrectly mapped in exactly the same way on both ends of the cable. Each pin at one end of the cable is correctly wired to the corresponding pin at the other end, but the wires inside the cable used to make the connections are incorrect. In a properly wired connection, each twisted pair should contain a colored signal wire and a striped ground wire. In a split pair, you can have two signal wires twisted together as a pair. This can generate excessive amounts of crosstalk, corrupting both of the signals involved. Because all of the pins are connected properly, a tone generator and locator cannot detect this fault. An open circuit would manifest as a failure to detect a tone on a wire, indicating that there is a break in the wire somewhere inside the cable or a bad connection with the pin in one or both connectors. A short is when a wire is connected to two or more pins at one end of the cable or when the conductors of two or more wires are touching inside the cable. Having transposed wires is a fault in which both of the wires in a pair are connected to the wrong pins at the end of the cable. All three of these faults are detectable with a tone generator and locator.
14. Greater distance from the access point or interference from intervening walls can both cause a weakening of a wireless signal, resulting in intermittent connectivity. An incorrect SSID would prevent the laptop from connecting to the network. An omnidirectional antenna generates signals in every direction, which would not account for the problem.
15. A protocol analyzer is a tool that enables a user to view the contents of packets captured from a network. If IPsec is properly implemented, he should be able to see that the data in packets captured from his workstation is encrypted. A packet sniffer is a tool that captures packets for the purpose of traffic analysis, but cannot view their contents.