Chapter 6: Managing Network Services

Troubleshooting in the context Key Aspects of

Troubleshooting:
of network services and systems
refers to the process of Problem Identification:
Recognizing that an issue exists
diagnosing, identifying, and through user reports, alerts, or
resolving issues that affect the monitoring tools.
Diagnosis: Analyzing the
functionality and performance of symptoms and using diagnostic
networks and computer systems. tools to determine the
underlying cause of the
This involves a systematic problem.
approach to pinpointing the root Resolution: Implementing
solutions to fix the issue, which
causes of problems and applying may involve reconfiguring
solutions to restore normal settings, updating software,
replacing hardware, or
operations. modifying network designs.
Testing: Verifying that the
problem is resolved and
ensuring that the solution does
not introduce new issues.
Documentation: Recording the
problem, its resolution, and any
steps taken to prevent future
occurrences.
 Common System Problems
Hardware Failures:
• Power supply failure.
• Hard drive crashes and system overheating.
• Impact on network performance.
• Troubleshooting steps: checking cables, power connections,
hardware diagnostics tools.
Software Issues:
• Operating system corruption, software conflicts, application crashes.
• Virus or malware infections.
• Resolving software failures: system restore, updates, antivirus scans.
Performance Problems:
• System slowdowns or crashes due to overloading.
• High CPU or memory usage.
• Resolving performance issues: resource monitoring tools,
performance tuning.
User Account Problems:
• Issues with login, authentication failures, permissions problems.
• Troubleshooting with account management tools.
 Managing Network Services
Maintenance Troubleshooting: C ommon System and Network
Problems
 Network troubleshooting is the repeatable process of identifying problems with a network
through related to connectivity, performance, security, and other aspects of networks and
solving those problems using testable methods.
 Of course, troubleshooting isn't just about resetting user passwords or restarting devices.
 Especially in large organizations, it's about a set of procedures, practices, and tools used to
process numerous requests by a complex mix of users and dispersed network assets and
infrastructure.
 More commonly, network troubleshooting is embedded in a network management
system (NMS).
 An NMS monitors networks continuously and sends status updates and alerts, when needed
on network key performance indicators (KPIs) such as connection speed, bandwidth,
latency, users, and access.
 The NMS performs monitoring by querying the various parts and nodes of the network to
update status, at an interval determined by the IT team.
 Newer network elements, however, use telemetry to transmit their KPIs automatically.

B a s i c Network Problems
Physical Connectivity issues (Cable problem):
 A network connection can suddenly break because of physical connectivity issues.
 The events could be caused when a network cable becomes damaged, and the network
cables that aren't connected or plug in to switch port properly.
Connectivity Problem:
 The port or interface on which the device is connected or configured can be physically down
or faulty due to which the source host will not be able to communicate with the destination
host.

3
Configuration Issue:
 Due to a wrong configuration, looping the IP, routing problem and other configuration issues, network fault may
arise and the services will get affected.
Software Issue:
 Owing to software compatibility issues and version mismatch, the transmission of IP data packets between the
source and destination is interrupted.
Traffic Overload:
 If the link is over utilized then the capacity or traffic on a device is more than the carrying capacity of it and
due to overload condition the device will start behaving abnormally.
Network IP issue:
 Due to improper configuration of IP addresses and subnet mask and routing IP to the next hop, the source will not be
able to reach the destination IP through the network.
 If there are duplicate IP addresses, neither system can access the network reliably.
Policy Failures:
 Network performance can suffer when network policies, such as those for security, traffic management, and access
control, inadvertently contradict each other.
Slow Network:
 Users complain the network is too slow.
Bandwidth Bottlenecks: High bandwidth usage can slow down the network. Solution: Monitor network traffic and manage
bandwidth allocation
 There can be many reasons why a network that provided adequate performance in the past is now frustrating its users.
 For instance, a new application, such as video conferencing or online training videos, may have been added.
 A failing switch port or link could cause traffic to route around the failure and overload another link.
 In other cases, the network could be part of a larger organizational network.
 As a result, a change in the larger network has resulted in more traffic through the internet connection point, slowing
responses to cloud resident applications.
Weak Wi-Fi Signal
 Wi-Fi signal strength may be adequate almost everywhere, but it could be weak or nonexistent in other areas.

4
 Rearranging an office area can result in a weak wireless connection, where signal strength
had been adequate before the move.
 For example, a large metal object, like a file cabinet, can block the Wi-Fi signal.
Excessive CPU Usage
 Task Manager is the first thing to use to find which application is using a high proportion of
system resources, such as CPU, memory or disk space.
 This basic troubleshooting step may not reveal a problem since some applications may be
performing complex calculations, receiving high-speed video or interacting with large
databases.
 A virus may also consume resources, so make sure antivirus software is up to date.
 If an application has been running for a long time, it may slowly leak resources.
 The quickest way to improve performance is to stop and restart the application, although
sometimes you may need to stop and restart the entire system.
 Updating device drivers may also improve performance.
 Task Manager also shows applications you didn't know were running in the background.
Editing startup files can eliminate this problem.

Slow DNS lookups

 The DNS matches the common name used to match server or service names with the internet
address that routes a network request.
 (Cause: wrong DNS configuration, DNS server down).
 For commonly used names, the matchup is probably already stored in the system's DNS cache,
and the lookup is quick.
 For less commonly used names, the matchup may be stored in a more distant cache, such as
the root server of the top-level name, such as .com, .org or a national root, such as .uk
 Each DNS server along the path checks its cache before making a request to the next server
along the path.
 The next server then checks its cache, repeating the process.
 If lookup is slow, there may be a slow link along the path or a slow or overloaded server.
 To address this issue, your local network administrator can reconfigure local routers to shift
requests to a faster chain of servers.

5
Can't Connect to Printer
 When users can't connect to a printer, the first step is to check simple things like whether the printer
is plugged in, turned on and has paper.
 Also, make sure the printer appears on Devices and Printers on Windows.
 If it does, click to check whether the file is queued.
 Also, check the printer vendor's website because some brands have a downloadable app that can
diagnose and fix problems.
 Shut off the printer, and turn it back on.
 Also, shut down your system, and turn it back on.
 Finally, update printer drivers and your OS.
 In some cases, you may need to temporarily shut down your antivirus software.
 For a wireless printer, make sure it's connected to the signal.
VLAN and VPN Problems
 Check for virtual LAN (VLAN) misconfiguration issues.
 Review the configuration on each switch, carefully comparing configurations to ensure
compatibility of switch configuration.
 The most common VPN problem is a failure to connect.
 First, check to see if you're successfully logging in to the service, and make sure your account is
up to date and you're entering your correct credentials.
 Next, check firewall settings.
 You need to open some ports.
 Check if that is the problem by temporarily shutting down your firewall.
 Finally, restart your system.

Developing G en eral Strategies

 Network troubleshooting is a repeatable process, which means that you can break it down into
clear steps that anyone can follow.

1. Identify the Problem

 The first step in troubleshooting a network is to identify the problem.
As a part of this step, you should do the following:

6
  Gather information about the current state of the network using the network troubleshooting tools
that you have available to you.
 Question users on the network to learn about the errors or difficulties they have encountered.
 Identify the symptoms of the network outage.
 Determine if anything has changed in the network before the issues appeared.
 Define individual problems clearly.
 Sometimes a network can have multiple problems.

2. Develop a Theory
 Once you have finished gathering all the information that you can about the network issue or
issues, it’s time to develop a working theory.

3. Test the Theory

 Using the tools at your disposal, it’s time to test your theory.
 At this stage, it’s important to remember that proving your own theories wrong doesn’t mean that
you’ve failed.
 Instead, it means that it’s time to return to step two, develop a new theory, and then find a way
to test that one.

4. Plan of Action
 Once you’ve confirmed your theory about the causes of the network issues, you’re in a position
to solve them.
 Come up with a plan of action to address the problem.
 Sometimes your plan will include just one step. For example, restart the router.
 In other cases, your plan will be more complex and take longer, such as when you need to order
a new part or roll a piece of software back to a previous version on multiple users’ computers.

5. Implement the Solution

 Now that you have a plan for fixing the network, it’s time to implement it.
 There are some solutions that you may be able to do by yourself, while others may require
cooperation from other network administrators or users.

6. Verify System Functionality

 Once you’ve implemented your solution, be sure to test the network.

7
  Make sure that the issue in question has been resolved, but also be on the lookout for other issues that may
have arisen from the changes that you made to the network.
 As part of your verification process, make sure to consult both the network tools at your disposal as well as
individual user accounts of their experiences on the network.

7. Document the Issue

 Make sure to document each stage of troubleshooting the problem, including the symptoms that appeared
on the network, the theory you developed, your strategy for testing the theory and the solution
that you came up with to solve the issue.

Key Tools for Troubleshooting

Command-Line Tools:
• Pings, tracert, nslookup, ipconfig, netsstat
GUI-based Tools:
• Event Viewer, Task Manager, Resource Monitor.
Network Tools:
• Wireshark, Nmap, NetFlow analyzers for advanced
troubleshooting.

Developing Preventive Maintenance Strategies

Regular System Updates:
Scheduling regular updates to operating systems, applications, and
network equipment to avoid vulnerabilities.
Backups and Redundancy:
Regular backups, implementing failover mechanisms for critical
services.
Monitoring Systems:
Setting up monitoring for early detection of system and network
issues.
 Key Tools for Troubleshooting

1. Command-Line Tools
Ping:
•Function: Tests connectivity between your device
and another device (like a server) on the network.
•Usage: ping [destination]
•Example: ping www.google.com
Tracert (Windows) / Traceroute (Linux):
•Function: Maps the path data takes from your device
to a destination, showing each hop along the way.
•Usage: tracert [destination] (Windows) / traceroute
[destination] (Linux)
•Example: tracert www.google.com
Nslookup:
•Function: Queries DNS servers to obtain domain
name or IP address mappings.
•Usage: nslookup [hostname]
•Example: nslookup www.google.com
Ipconfig (Windows) / Ifconfig (Linux):
•Function: Displays IP address configuration
and network adapter information.
•Usage: ipconfig (Windows) / ifconfig (Linux)
•Example: ipconfig /all
Netstat:
•Function: Lists active connections and
network statistics.
•Usage: netstat
•Example: netstat -an
 2. GUI-based Tools

Event Viewer:
•Function: Monitors system logs for error messages
and warnings.
•Usage: Access through the Control Panel or by
typing eventvwr in the run dialog.
•Example: Look for logs under Windows Logs >
System.
Task Manager:
•Function: Provides information about running
applications, processes, and system performance.
•Usage: Access by pressing Ctrl+Shift+Esc or
Ctrl+Alt+Del.
•Example: Use the Performance tab to monitor CPU
and memory usage.
Resource Monitor:
•Function: Offers detailed information about CPU,
memory, disk, and network usage.
•Usage: Access via Task Manager or by typing
resmon in the run dialog.
•Example: Use the Network tab to see which
processes are using the most network bandwidth.
 3. Network Tools
Wireshark:
•Function: Captures and inspects packets
traveling on the network.
•Usage: Install and run Wireshark, then select the
network interface to start capturing traffic.
•Example: Use filters to analyze specific types of
traffic, like http or tcp.port==80.
Nmap:
•Function: Scans networks to identify devices and
services running on them.
•Usage: nmap [options] [target]
•Example: nmap -sP 192.168.1.0/24 for a ping scan
of a subnet.
NetFlow Analyzers:
•Function: Analyzes network traffic data collected
from NetFlow-enabled devices.
•Tools: Examples include SolarWinds NetFlow
Traffic Analyzer, PRTG Network Monitor, and
Plixer Scrutinizer.
•Usage: Configure the tool to collect data from
routers or switches, then analyze the traffic
patterns.
•Example: Monitor bandwidth usage, identify top
talkers, and detect anomalies in network traffic.
 Resolve Boot Problems, Backup and
Restore Data and System Volume

Boot problems are issues that prevent a computer from loading the
operating system (OS) into its main memory, or RAM. Some common
boot error messages include:
• No Boot Device Found"
• Operating System Not Found"
• Boot Configuration Data (BCD) Missing or Corrupted"
• Bootmgr is Missing"
• Windows Failed to Start"
• Automatic Repair Couldn't Repair Your PC"
• Blue Screen (BSOD) or STOP Error"
• Blank screen with a blinking cursor“
Some possible causes of boot problems include:
• Hardware or software issues
• Attached peripherals, such as external hard drives or USB-powered
mice
• A recent hardware or software change
Here are some things you can try to fix boot problems:
• Perform a hard reset
• Remove external devices, such as USB drives and printers
• Check the BIOS boot order
• Run a preboot diagnostics test
• Use a different bootable device
• Run Windows Startup Repair
• Run CHKDSK to resolve file system corruption
• Repair the Master Boot Record (MBR)
• Scan for viruses and malware
• Repair or reinstall the operating system
 Resolve Bo o t Problems, B a c k u p and Restore D a t a and
System Volume
 The Bootrec.exe tool used in the Windows Server 2016 to repair or resolve boot problems.
Way1: Windows Server 2016 repair with Bootrec.exe.
This method applies to Windows Server 2016 repair boot:
1. Insert the Windows Server 2016 installation media into your computer and boot from it.
2. At the Windows Setup Dialog, set your appropriate settings and click next.
3. Click Repair your Computer > Troubleshoot > Command Prompt.

4. In Command Prompt, input following command lines and press Enter after each.
bootrec /fixmbr bootrec /fixboot bootrec /rebuildbcd y (to confirm that you want to
add new Windows installations to the Boot Configuration Database)
5. Exit Command Prompt and restart your computer.

14
Backup and Restore Data and System Volume

Backup and restore is the process of making copies of data and

storing them in a secure place in case of loss or damage. The
data can then be restored to its original location or a safe
alternative. Backups are important for protecting against
hardware failure, virus attacks, power failure, and natural
disasters.
Here are some types of backup and restore options:
Volume restore
This method can be faster than a full-volume restore from a no optimized backup
store because the amount of data copied is smaller.
Bare metal restore (BMR)
This backup includes a system state backup and is used when a computer won't
start.
Cloud backups
These services store data on remote servers, usually run by a third party. Cloud
backup services can include encryption, redundancy, and automated backups.
Full backup
This is the most basic and complete type of backup, where all data is sent to
another location.
Incremental backup
This type of backup copies only the data that has changed since the last backup.
Differential backup
This type of backup copies only copies of all files that have changed since the last
full backup.
Some devices that can be used for data backup and storage include: External hard
disks, Solid-state drives (SSD) and USB flash drives, CD technology, DVD
technology, and Online storage.
 B a c k u p and Restore D a t a and System Volume
 There are two distinct ways you can back up Windows Server 2016.
 One is with the Windows Server Backup, and the other is via reliable and effective data recovery
software.

W h y D o Y ou B a c k U p Windows Server 2 0 1 6
 Data security (Backup) is one of the most vital aspects for users, various causes can lead to data
loss such as: a power failure or device breakdown, lose data due to software upgrades or
malfunctions, human errors can lead to that massive data loss that solution can seek is a backup.
 There is nothing to worry about when you use Server backup software.
 It is one of the most secure methods one can use to protect crucial data.
 Also go through the data recovery pathway.

B a c k u p Windows Server 2 0 1 6 with Windows Server B a c k u p Feature

 One of the best ways to back up Windows Server 2016 is via the Windows Server Backup.
 WSB is an essential backup software for Servers.
 However, before we proceed, it is vital to know more about this feature.

W h a t is Windows Server B a c k u p ( W S B )
 Windows Server Backup or WSB is a critical feature of Windows that offers recovery and backup
options to users using Windows Server.
 However, to use this feature, you must first install it on the Windows Server.
 With the Windows Server Backup, you can backup specific files, folders, system states, particular
volumes, and an entire server.
 The WSB also makes it easy for users to recover the data.
 You can recover files, folders, system states, particular applications, and volumes without hassle.
 In the event of failure of the hard disks, you can opt for the bare metal recovery.
 The feature also allows you to manage backups for both remote and local computers.

17
H o w to Install Windows Server B a c k u p
 Step 1: Go to Server Manager >> Manage >> Add Roles and Features >> Role-based of
feature based installation >> Select a server from the server pool.
 Then you can follow the wizard to select Windows Server Backup and install it.
 After that, click Tools in Server Manager and choose Windows Server Backup to continue.

Step 2: Click Local Backup to choose Backup Schedule or Backup Once according to your needs.
Here I’ll choose the former to set up an automatic backup.

18
Step 3: Choose backup configuration. Full server refers to all the data on the server, and Custom
allows you to select volumes and files manually.
I’ll choose Custom here to show you what could be included in this backup.

Step 4: To perform system restore on Windows Server 2016, there are several options you could
consider:
System state backup:
 Backs up operating system files, enabling you to recover when a machine bootable but
you've lost system files and registry.
 A system state backup includes: Domain member (Boot files, COM+ class registration
database, registry) and Domain controller (Active Directory (NTDS), boot files, COM+
class registration database, registry, system volume (SYSVOL).
 Optionally, you can tick System Reserved and C: drive to include all the data and files in
system drives.
Bare metal recovery:
 Backs up operating system files and all data except user data on critical volumes.
 It allows you recover everything on the machine when it won't start.
 By definition a BMR backup includes a system state backup.
 Make your own decision and click OK to confirm.

19
Step5: Then, set up a schedule to run the backup automatically. You can choose once a day or
more than once a day. Click Next to proceed.

20
Step 6. Now you can specify a destination type, like a hard disk, a volume or a shared network
folder. Hard disk is the recommended one. Then select the destination disk and confirm it.

21
Step 7: Click Finish to start backup. Note the destination disk will be formatted after backup, so
please use a blank disk or backup the data on it at first. Now, need to wait some time for the backup
to complete. It may take some time, depending on the volume of the backup.
 Notice: Keep in mind that there is no need to reboot or restart Windows Server to
install the feature.
 After the installation, you need to develop a backup plan.
 There are different backup plans you can select from.
 These include the whole server, files and folders, critical volume, individual volumes,
and system state.
 It is crucial to choose a particular backup plan and then move forward.

H o w can I check my Windows Server 2 0 1 6 backup?

 You must go to the Control Panel to check the Windows Server 2016 backup status.

22
 It would be best if you chose the server from the server box and then to the Backup and
archiving section.
 Press the Backup and Restore Manager options, and then look at the server status.

H o w to Perform System Restore in Windows Server 2 0 1 6

Step 1: With a previously created system state backup, you can select the backup task, and
choose Recover to get started.
Step 2: Choose this server if it’s a local backup, then select the date of the backup that you
want to use for system restore.

Step 3: Select what you want to recover from the backup. Choose System state here.

23
Step: 4 Then specify where you want to restore it to. Original location is the default selection.

Step 5: Confirm the operation and click Recover to proceed.

24
H o w to perform bare metal recovery on Windows Server 2 0 1 6
 If your machine fails to start and you’ve created a bare metal backup before, you could
perform a bare metal recovery to restore the operating system with all the data in critical
volumes (except user data).
Step 1: Insert the bootable media of Windows Server 2016 to boot it, click Repair your computer
to enter recovery environment.

Step 2: Choose Troubleshoot > System Image Recovery to get started.

Step 3: Your latest available system image will be auto detected, click Next to continue or choose
Select a image to specify the backup you want to restore from another location.

25
Step 4: Keep the option Format and repartition disks ticked to match the layout of the system
image, and click Next.

Step 5: Confirm the information and click Finish to perform system image recovery on Window
Server 2016.

26
 Using Event Viewer and Troubleshoot Connectivity
Network Troubleshooting Tools
 There are a number of tools available for diagnosing and treating network issues.
 These tools exist in the computer’s operating system itself that use to troubleshoot a network.
Command-Line Tools
 On Windows PCs, the command prompt can be accessed by searching for it in the start
menu or by typing “cmd” into the Run window.
 On a Linux system, you can press Ctrl + Alt + T to open the command line.
 Ping and tracert testing
Ping: If the IP address is correct, the receiving host returns the datagram.
 To diagnose the problem further, IT teams can use the ping utility or the tracert command
to test connections with remote servers and return information about the signal path.
 A TCP/IP utility that determines the route data takes to get to a particular destination.
 This tool can help you to determine where you are losing packets in the network, helping
to identify problems.
DNS checks
 The nslookup a DNS utility that displays the IP address of a hostname or vice versa.
 This tool is useful for identifying problems involving DNS name resolution.
 When an IT team performs a DNS check and receives results such as "Request timed out"
or "No response from server," the problem might originate in the DNS server for the
destination by using a troubleshooting command of nslookup.
IP-Configuration Checks
 Problems with IP addresses cause many network issues. Often, assigning a new IP address
can resolve an issue if a previous address was incorrect.
 The ipconfig a troubleshooting command that verifies network settings and connections.
 It can tell you a host’s IP address, subnet mask and default gateway, alongside other
important network information.

27
Command-line tools
 The most common command-line tools are ipconfig and nslookup.
 Numerous others such as iptables, netstat, tcpdump, route, arp, and dig can also help
identify network issues.

Service provider checks

 Outages do occur, even with major cloud providers and cloud-based services.
 Providers' status pages report outages that might be affecting network performance.

Virus and malware checks

 Viruses and other malware can affect network performance, and often they're not easy to
detect.
 IT teams should use security tools to see whether new attacks have been flagged.

Database logs
 Databases that are full or overtaxed can slow performance across the network.
 A fresh review of database logs will show whether this is the case.

Test environments
 For cases that are especially challenging or that involve sensitive or restricted data, IT teams
may need to construct test environments, where they can re-create problems and test
solutions.

28