The Basics of Network

Troubleshooting
Chapter No.12
 Preventing Problem
• Physical environment
• Electrical environment
• Viruses, Worm, Trojan Horses
 Problem in Physical Environment
• Temperature
• Air Quality
• Magnetism
 Electrical Problems
• Crosstalk
– UTP
– Solution STP
• Noise
– EMI
– RFI
– Solution
• Properly ground equipment
• Avoid placing cable close to possible EMI and RFI sources
• Use shielding in cables whenever possible
 Electrical Problems
• Static
– ESD (Electrostatic discharge)
– Solution
• Always ground yourself and equipment
• Never let anyone touch you while you are working
• Never directly touch electrical leads of components
• Always use antistatic bags
• Transient
– Transient also commonly called spikes, is high voltage burst of
current.
– Solution
• Put the computer on its own circuit with a separate breaker.
• Ensure that a computer is properly grounded
 Definition

• A virus is a self-
replicating program
that spreads by
inserting copies of
itself into other
executable code or
documents made by
crackers.
 Types of Viruses
Macro Viruses
Executable Viruses
Backdoor Programs
Boot Sector Viruses
Macintosh Viruses
Hoaxes
Virus Information
 Macro Viruses
• Most common type of virus on campus
• Affect Microsoft Office documents
• Written in Visual Basic for Applications
• Generally harmless with a few destructive varients
 Executable Viruses
• Second most common type of virus on campus
• Written in programming languages and compiled
into executable files
• Generally more destructive
 Backdoor Programs
• Sub-type of executable viruses
• Allow anyone on the internet to remotely control the
infected computer
– Send and receive files
– View the screen
– Start programs
– Monitor all keystrokes
 Boot Sector Viruses
• Rare viruses
• Similar to executable except the reside in the boot
sector instead of as a file
• Generally very destructive
 Macintosh Viruses
• Most virus code will not affect Macintosh
computers
– Macro viruses target “C:\”
– Executables can not execute
– Backdoors can not execute
– Boot Sector Viruses can not infect HFS
• Macintosh computers can be carriers of Macro
Viruses
 Hoaxes
• Warnings about viruses that do not exist
• Characteristics
– Claims the virus causes large amounts of damage
but lack specifics on how it works
– Claims unrealistic person (Bill Gates) or company
(AOL) started the warning
– Encourage you to pass it on to everyone you know
Methods Viruses Use to
Spread

Parasites
Worms
Trojan Horses
Booting
 Parasites
• Imbed themselves into a program or data file
• Spread to other files when the infected file is
opened
• Only spread to other computers when the files are
shared
 Worms
• Attempt to spread themselves to other computers
instead of only infecting files on the local computer
• Recent worms automatically send e-mail
attachments containing copies of the virus
 Trojan Horses
• Disguise themselves as usefull programs
– Greetings cards
– Games
– Screen Savers
• Modify system files while the ‘usefull’ program
executes
 Booting
• Boot sector viruses copy themselves to the boot
sector of a disk
• When the disk is used to boot a computer, the code
is loaded into memory
• The code resident in memory can be used to
deliver the payload and to infect other disks
 How Anti-Virus Software Works
• Automatically loaded at start-up time
• Monitors all interaction with files
• Looks for hexadecimal patterns within files. These
patterns are defined by Virus Definition Files
• Virus Definition Files must be updated regularly to
ensure new viruses can be detected
 Preventing Problems with
Network Management and Planning
• Two ways to solve networking problems
• Prevent them through planning and management
– Called pre-emptive troubleshooting or trouble
avoidance
• Repair and control damage that already exists
– Called troubleshooting

Guide to Networking Essentials, Fourth Edition 21

 Preventing Problems with
Network Management and Planning (continued)
• Combine network management and
troubleshooting to form overall network plan
– Include cable diagrams, cable layers, network
capacity information, protocols and network
standards, documentation on computer and network
device configuration, software, and important files
• Establish network policies and procedures
– Include back-up methods, security, hardware and
software standards, upgrade guidelines, and
documentation

Guide to Networking Essentials, Fourth Edition 22

 Backing Up Network Data

• To prevent data loss, develop comprehensive

back-up program, including:
– What data should be backed up and how often?
– What type of backup will be performed, how often,
and what time?
– Who is responsible for performing backups?
– Is backup system being tested regularly?
– Is backup log complete?
– Where is backed-up data stored (on-site and off-site)?
• Table 13-1 shows several back-up methods

Guide to Networking Essentials, Fourth Edition 23

 Backup Methods

Guide to Networking Essentials, Fourth Edition 24

 Setting Security Policies

• Security policies are part of network plan

– Include both data and hardware security
• Primary data security is username and passwords
for all accounts, including:
– How often users change passwords
– Whether users can reuse same passwords
– What character restrictions passwords have
– Whether passwords have single or multiple sets of
standards
– How exceptions are defined and documented

Guide to Networking Essentials, Fourth Edition 25

 Setting Security Policies (continued)
• Establish guidelines for resource access
– Grant access only to users who require it
– Grant minimum levels of access
– Set special security requirements for dial-in accounts
– Keep to a minimum the number of users who
perform network administration tasks

Guide to Networking Essentials, Fourth Edition 26

 Setting Hardware and Software
Standards
• Set standards for all network components
• Determine supported hardware manufacturers and
operating systems, including versions
• Determine what networking protocols and services
will be used
• Define server configurations and guidelines for new
server installations
• Evaluate standards at least once per quarter to
keep network up to date

Guide to Networking Essentials, Fourth Edition 27

 Establishing Upgrade Guidelines
• Establish guidelines for upgrades
• Give users advance notice of changes
• Try not to perform upgrades during working hours
• First “pilot” upgrades with small group of astute
network users to resolve problems
• Have plan to undo upgrade installation if necessary

Guide to Networking Essentials, Fourth Edition 28

 Maintaining Documentation
Keep complete up-to-date documentation of
network, both in hard copy and in electronic
form, including:
• Address list • Network hardware
• Cable map configuration
• Contact list • Policies and procedures
• Equipment list • Server configuration
• Network history • Software configuration
• Network map • Software licensing
• User administration
Guide to Networking Essentials, Fourth Edition 29
 Performing Pre-emptive
Troubleshooting
• International Organization for Standardization (ISO)
identifies five categories for pre-emptive network
troubleshooting:
– Account management
– Configuration management
– Fault management
– Performance management
– Security management

Guide to Networking Essentials, Fourth Edition 30

 Practicing Good
Customer-Relation Skills

• Users are customers, and the reason network

personnel have jobs
– Best source of information when something goes
wrong with network
– Develop special relationships with adept users
• Develop guidelines about user interaction
– Include how to question and respond to users, handle
irate users, and general user communication etiquette

Guide to Networking Essentials, Fourth Edition 31

 Using Network-Monitoring Utilities
• Many programs help with network management
– Identify conditions that may lead to problems,
prevent network failures, and troubleshoot problems
• Use network management utilities
– Learn which statistics to monitor
– Establish baseline for network performance
– Monitor changes

Guide to Networking Essentials, Fourth Edition 32

 Using Network-Monitoring Utilities
(continued)
• Use network management utilities in advanced
operating systems or from third-party sources
• Gather information about:
– Events
– System usage statistics
– System performance statistics

Guide to Networking Essentials, Fourth Edition 33

 Using Network-Monitoring Utilities
(continued)

• Use information from utilities to help:

– Identify network devices that create bottlenecks
– Provide information to forecast growth and plan
capacity requirements
– Develop plans to improve network performance
– Monitor events that arise from software or hardware
changes
– Monitor trends in network traffic and utilization
• Figure 13-1 shows Windows XP Performance
Monitor

Guide to Networking Essentials, Fourth Edition 34

 Windows XP Performance Monitor

Guide to Networking Essentials, Fourth Edition 35

 Creating a Network Baseline
• Defines point of reference for measuring network
performance when problem occurs
• Create baseline over time when no problems are
evident on network and repeat baseline periodically,
especially after significant changes to network
• Compare network performance with baseline to help
identify:
– Daily network utilization patterns
– Possible network bottlenecks
– Heavy usage patterns
– Protocol traffic patterns

Guide to Networking Essentials, Fourth Edition 36

 Monitoring with SNMP
• Simple Network Management Protocol (SNMP)
is part of TCP/IP protocol suite
• Software agents for each network device monitor
traffic and device status
– Store information in management information
base (MIB)
• See Figure 13-2

Guide to Networking Essentials, Fourth Edition 37

 SNMP Network Monitoring
and Managing

Guide to Networking Essentials, Fourth Edition 38

 Monitoring with SNMP (continued)
• SNMP monitors agents and collects data in MIBs to
generate statistics or charts about network
• Can set thresholds for SNMP managers
– Generate alerts when thresholds are exceeded
• Manage network components such as
bridges and routers
• Can interrogate devices and make remote
configuration changes

Guide to Networking Essentials, Fourth Edition 39

 Using Remote Monitoring (RMON) for
Advanced Monitoring
• Two versions of RMON:
– RMON1 captures data and collects statistics at Data
Link and Physical layers
– RMON2 collects and analyzes traffic at Network and
higher layers
• Some devices are RMON-capable
– Contain software agents, called probes, that collect
data and communicate with management station
using SNMP

Guide to Networking Essentials, Fourth Edition 40

 Network Troubleshooting
• In spite of planning, monitoring, and other pre-
emptive techniques, problems do occur
• Be ready to troubleshoot network to diagnose and
fix problems, by using:
– Troubleshooting methodology
– Structured approach
– Special tools

Guide to Networking Essentials, Fourth Edition 41

 Troubleshooting Methodology
• Stay calm and use clear head to assess problems
• Steps to help troubleshoot common network
problems include:
– Eliminate potential user errors
– Verify physical connections are working
– Verify status of any suspect NICs
– Restart computer

Guide to Networking Essentials, Fourth Edition 42

 Structured Approach
• Five-step structured troubleshooting approach for
tackling complex network problems:
– Set problem’s priority
– Collect information about problem
– Develop list of possible causes
– Test each hypothesis to isolate actual cause
– For each potential cause, attempt at least one
solution

Guide to Networking Essentials, Fourth Edition 43

 Prioritize
• Determine scope of problem
– Does it affect single computer or more
• If multiple problems, assign each a priority
• Tackle them in decreasing order of severity, starting
with most severe problem

Guide to Networking Essentials, Fourth Edition 44

 Collect Information
• Ask user specific questions to obtain details
• Scan network for obvious problems or failures
• Review previous network problems to determine if
problem is recurrent
• Determine scope of problem by dividing network
into small parts and checking each
• Create troubleshooting checklist to make
task more manageable

Guide to Networking Essentials, Fourth Edition 45

 Establish Possible Causes
• Create list of possible causes
• Rank them in order of likelihood
• Start with most likely cause

Guide to Networking Essentials, Fourth Edition 46

 Isolate the Problem
• Make only one change at a time and test it
• Be sure changes do not introduce new
problem
• Document all hardware, software, or configuration
changes

Guide to Networking Essentials, Fourth Edition 47

 Test Results
• After each change, test results to see if problem is
fixed or new problem is introduced
• When problem is solved, document steps that
implemented solution
– Include information in network documentation
• If change does not fix problem, move to next
possible cause
• Sometimes a change reveals another deeper
problem

Guide to Networking Essentials, Fourth Edition 48

 Using Special Tools
• Most problems occur at lower layers of OSI model
where they are more difficult to troubleshoot
• Variety of special troubleshooting tools help diagnose
problems, including:
– Digital voltmeter (DVM)
– Time-domain reflectometer (TDR)
– Basic and advanced cable testers
– Oscilloscopes
– Network monitors
– Protocol analyzers

Guide to Networking Essentials, Fourth Edition 49

 Digital Voltmeter (DVM)
• Also called volt-ohm meter (VOM)
• Basic electrical measuring device
• Can measure cable’s resistance to determine
if it is broken
• Can detect short circuit in cable

Guide to Networking Essentials, Fourth Edition 50

 Time-Domain Reflectometer (TDR)
• Determines if cable has break or short
• By reflecting back from break, can pinpoint how far
from device break occurs
– High quality TDR can come within few inches of break
• May be used with fiber-optic and electrical cables
• During new installation, use TDR to document actual
lengths of cables
• Standard part of most advanced cable testers

Guide to Networking Essentials, Fourth Edition 51

 Basic Cable Testers
• Test correct termination of twisted-pair cable
• Test continuity of coaxial cable
• Excellent for checking patch cables
• Do not detect breaks in cables
• Do not check for attenuation, noise, or other
performance problems

Guide to Networking Essentials, Fourth Edition 52

 Advanced Cable Testers
• Combine characteristics of DVM, TDR, and
protocol analyzer
• Detect where break is located in cable
• Gather information about cable’s impedance,
resistance, and attenuation
• Function at Physical and Data Link layers of OSI
model
• Can measure frame counts, collisions, congestion,
beaconing information, or broadcast storms

Guide to Networking Essentials, Fourth Edition 53

 Oscilloscopes
• Measure signal voltage over time
• Identify shorts, sharp bends or crimps, cable
breaks, and attenuation problems

Guide to Networking Essentials, Fourth Edition 54

 Network Monitors
• Software that tracks network traffic, including
packet types, errors, traffic to and from each
computer
• Can generate reports and graphs
• Included with Windows NT, 2000/2003 Server
versions and also available from third parties

Guide to Networking Essentials, Fourth Edition 55

 Protocol Analyzers
• Most advanced network troubleshooting device
• Evaluates overall health of network
• Monitors all traffic in real time
• Captures traffic and decodes packets
• Looks inside packets to determine problems
• Generates network statistics
• Can establish baseline for network and troubleshoot
problems
• Most advanced ones combine hardware and software
• Especially good for Layer 3 (Network) devices
• Some protocol analysis capability in Window’s Network
Monitor
Guide to Networking Essentials, Fourth Edition 56
 Network Support Resources
• Variety of network support resource formats
– Software products
– Online services
– Subscription services
– Printed material

Guide to Networking Essentials, Fourth Edition 57

 Microsoft TechNet

• Microsoft Technical Information Network

(TechNet) is subscription service
– Includes monthly set of CD-ROMs with product
information, technical support updates, software
drivers, and online tutorials
• Valuable tool for gathering information and
diagnosing network problems
• Easy-to-use interface
• Online version is free

Guide to Networking Essentials, Fourth Edition 58

 Common Troubleshooting Situations
• Some of most common network problems involve:
– Cabling and related components
– Power fluctuations
– Upgrades
– Poor network performance

Guide to Networking Essentials, Fourth Edition 59

 Cabling and Related Components
• Majority of network problems occur at Physical
layer and involve cables, connectors, and NICs
– Make sure cable is properly connected and
correct kind
– Be sure length is within maximum limit for type of
medium
– Check LEDs on NIC, if available
– Exchange NIC with known working one
– Use PING utility to check connectivity to other
computers

Guide to Networking Essentials, Fourth Edition 60

 Power Fluctuations
• Caused by electrical storm or power failure
• Adversely affect computers
• Afterwards, verify that servers are up and
functioning
• Use Uninterruptible Power Supplies (UPSs)
– Especially important for servers
– Provide battery power so computers can be brought
down without data loss
– Some perform automatic shutdowns

Guide to Networking Essentials, Fourth Edition 61

 Upgrades
• Constantly changing technology makes it
necessary to upgrade equipment and software
frequently
• Some important considerations when performing
network upgrades:
– Keep current and do one upgrade at a time
– Ignoring upgrades may require complete network
overhaul
– Test any upgrade before deploying it
– Inform users about upgrade: when it will occur, what
is involved, and what to expect

Guide to Networking Essentials, Fourth Edition 62

 Poor Network Performance
• If network slows over time, ask these questions
to pinpoint causes:
– What has changed?
– Have new equipment or applications been added?
– Is someone playing electronic games across
network?
– Are there new users on network? How many?
– Is other new equipment, such as a generator,
causing interference near network?
• May be necessary to expand network to increase
current capacity

Guide to Networking Essentials, Fourth Edition 63