CHAPTER 13
TROUBLESHOOTING A NETWORK
Lesson 1: Understanding the Program ………………. 492
Lesson 2: Troubleshooting Tools …………………….
499
Lesson 3: Where to Find Help ……………………….
507
Lesson 1:
If you approach a network problem with a plan of action, the cause and resolution will be easier
to find. Here, you will learn to apply a structured approach to divide a network into functional
units and then identify the problems.
Troubleshooting is the most difficult task to learn. You must approach the problem in a
organized and methodical manner. The process is divided into 5 steps, Defining the Problem,
Isolating the Cause, Planning the Repair, Confirming the Results, and Documenting the Outcome.
STEP 1: DEFINING THE
PROBLEM
Be careful of intermittent errors, these usually indicate that there are hardware problems on the
system. You must ask many questions such as:
1) Have the user define the problem in their own words.
2) When did you first notice the problem or error?
3) Has the computer recently been moved?
4) Have there been any recent software or hardware changes?
5) Has anything happened to the workstation? Was it dropped or was something dropped on it?
Possibly spilled coffee or pop on the keyboard.
6) When exactly does the problem or error occur? During the startup process? After lunch?
Constant, when opening Word, E-Mail, Slow Processing?
7) Can you reproduce the problem or error?
8) What does the problem or error look like?
9) Describe any change in the computer (noises, screen changes, disk activity lights) etc.
Write it down, it may help
You must ask many questions and also really listen to the user.
=======================================================================
nnotes13.html PAGE 2 2001/10/17
STEP 2: ISOLATING THE
CAUSE
If it is an operator-induced problem, it is important to observe how it is created, as well as the
results. The most difficult problems to isolate are those which are intermittent and that never seem
to occur when you are present.
It can help to tell the user to refrain from doing anything with the computer when the problem recurs,
except to call you. That way the “evidence” won’t be disturbed.
Observe the user, if a keyed combo hit during typing. (Ctrl/Alt/Fe) crashed system. Have them
demonstrate.
STEP 3: PLANNING THE REPAIR
After you have narrowed your search down to a few categories, the final process of elimination
begins. After you have located the problem, either repair the defect or replace the defective
component. If the problem is software-based, be sure to record the “before” and “after” changes.
STEP 4: CONFIRMING
THE RESULTS
No repair is complete without confirmation that the job has been successfully concluded. You should
also ensure that the fix did not generate new problems.
If changing settings ensure you are not making problems worse on the network.
STEP 5: DOCUMENTING
THE OUTCOME
Finally, document the problem and the repair. Recording what you’ve learned will provide you with
invaluable information. There is no substitute for experience in troubleshooting, and each new problem
presents you with an opportunity to expand that experience. Keeping a copy of the repair procedure
in your technical library can be useful when the problem occurs again.
=======================================================================
nnotes13.html PAGE 3 2001/10/17
Segmenting the Problem
If the initial review of network statistics and symptoms does not expose an obvious problem,
dividing the network into smaller parts to isolate the cause is the next step in the troubleshooting
process. Check the hardware and network components including:
Often isolating or removing a portion of the network will help to get the rest of the network up and
operational again.
Most protocols use what’s known as “retry logic,” in which the software attempts an automatic
recovery form a problem. This becomes noticeable through slow network performance as the
network makes new and repeated attempts to perform correctly.
Isolating the Problem
After you have gathered the information, rank the list of possible causes in order, beginning with the
most likely and moving to the least likely cause of the problem. For example, if you suspect that a
faulty network interface card (NIC) in one of the computers is the cause of the trouble, replace it
with a NIC that is known to be in good working order.
Setting Priorities
Everyone will want their computer fixed first, but you must set some priorities. It must not be first com
first serve, but maybe based on the importance of the problem.
=======================================================================
nnotes13.html PAGE 4 2001/10/17
Lesson 2:
Troubleshooting Tools
HARDWARE TOOLS
Digital Voltmeters – or digital multimedia, and electronic measuring device, it can do the following:
Time-Domain Reflectometers (TDRs) Send sonar-like pulses along cables to locate breaks, shorts,
or imperfections. Using a TDR requires special training, and not every maintenance department will
have this equipment.
Advanced Cable Testers – work beyond the physical layer of the OSI reference model in the data-link
layer, network layer and even the transport layer.
Crossover Cables – are used to connect two computers directly with a single patch cable. Because
the send and receive wires are reversed on one end, the send wire from one computer is connected
to the receive port on the other computer. Crossover cable are useful in troubleshooting network
connection problems.
Hardware Loopback – device is a serial port connector that enables you to test the communication
capabilities of a computer’s serial port without having to connect to another computer or peripheral
device.
Tone Generator and Tone Locator – Tone generators are standard tools for wiring technicians
in all fields. A tone generator is used to apply an alternating or continuous tone signal to a cable
or a conductor.
Oscilloscopes – are electronic instruments that measure the amount of signal voltage per unit
of time and display the result on a monitor. When used with TDRs, an oscilloscope can display:
load to carry.
=======================================================================
nnotes13.html PAGE 5 2001/10/17
SOFTWARE TOOLS
Software tools are used to measure trends and identify network performance problems. Below
is a list of some helpful tools:
Network Monitors – are very useful for establishing part of the networking baseline. After the
baseline has been established, you will be able to troubleshoot traffic problems and monitor
network usage to determine when it is time to upgrade.
Protocol Analyzers – also called “network analyzers,” perform real-time network traffic analysis
using packet capture, decoding and transmission data. Protocol analyzers look inside the
packet to identify a problem. They can be very costly, so just rent them. They can also
generate statistic based on network traffic to help create a picture of the network, including the:
Protocol Analyzers have built-in TDRs, and can help with the following:
Network General Sniffer
A sniffer can decode and interpret frames from 14 protocol including AppleTalk, Windows NT,
NetWare, SNA, TCP/IP, VINES, and X.25. Sniffer measures the network traffic in kilobytes
per second, frames per second, or as a percentage of available bandwidth. Cost $25,000 to
$30,000.
=======================================================================
nnotes13.html PAGE 6 2001/10/17
Novel’s LANalyzer
The LANalyzer software performs much the same function as Sniffer but is available only on a
NetWare LAN. Only for IPX/SPX.
Monitoring and Troubleshooting Tools
Windows NT includes a diagnostic tool called Network Monitor. This tool give the administrator
the ability to capture and analyze network data streams to and from the server.
SNMP (Simple Network Management Protocol)
Network management software follows standards created by network equipment vendors. In an
SNMP environment, programs called agents are loaded onto each managed device. Agents are
great they act like a sleeper and sets a trap. The agents monitor network traffic in order to gather
statistical data. This data is stored in a management information base (MIB). SNMP is used at
the Application Layer of the TCP/IP Protocol stack. Security may be a problem with the original
version. Version 2 encodes and encrypts.
SNMP components include:
Lesson 3:
Where to Find Help
Ask a co-worker you trust. Ask a Manufacturer, refer to documentation, and make called to
Technicians over the issue.
TechNet
An awesome resource to have, it is $500.00/year, but invaluable in the business.
Microsoft Technical Information Network (TechNet) provides information to support all aspects of
networking with an emphasis on Microsoft products.
Easy to install, adds icons to the appropriate program group for easy access.
=======================================================================
nnotes13.html PAGE 7 2001/10/17
BBS (Bulletin Board System)
You can access the knowledge of experienced networking professionals by posting troubleshooting
questions to them. This was very popular before the Internet.
User Groups
They are a good source of information. Some meetings are held online. Magazines, Windows 2000,
Laptops etc.
Internet Services:
The World Wide Web:
The WWW (web) contains a vast storehouse of hypertext documents written using the Hypertext
Markup Language (HTML), Extensible Markup Language (XML), and Standard Generalized
Markup Language (SGML), among others. WWW is just a machine that searches CACHE for
the requested location. The WWW will speak to other servers while looking the information.
HTML has a set of codes which your computer translates.
Hypertext is a method for presenting text, images, sound, and videos that are linked together in a
nonsequentail web of associations. The hypertext format allows the user to browse through topics
in any order. Internet tools and protocols help to locate and transport resources between computers.
FAQ = Frequently asked Questions, you must view at a site, and if the information you are looking
for is not there, then you can ask them.
Domain Name System (DNS)
Every computer on the Internet has a unique IP address. The IP address is four sets of digits
separated by dots (such as 198.26.8.34)
=======================================================================
nnotes13.html PAGE 8 2001/10/17
Because there strings of numbers are hard to remember and difficult to accurately type, the domain
name system (DNS) was created. Domain names enable short, alphabetical names to be assigned
to IP addresses to describe where a computer is located. In the example, http://www.microsoft.com,
the domain name is www.microsoft.com. A Web site with a recognizable or memorable name
will receive more hits than a site with an unimaginative name. Domain names can represent the
corporate identity, as is the case with Amazon.com, or become part of it, as in the case of
CNN.com.
In Microsoft Windows NT Server the HOSTS and LMHOSTS files are configuration files that are
responsible for name resolution. The HOSTS file resolves host names to IP addresses, and the
LMHOSTS file resolves NetBIOS names to IP addresses. Both are ASCII files that can be edited
with Microsoft Notepad or any other plain-text editor.
Here are some examples of domain types:
Examples of international domain designations include the following:
Internet Names:
Every resource on the Internet has its own location identifier or Uniform Resource Locator
(URL). The URL consists of several parts:
The address begins with two forward slashes. Aside from using forward slashed rather than
backslashes, this is very similar to the universal naming convention (UNC) format. The address
below is the entry for accessing the Microsoft World Wide Web server. The “http:” indicates
the protocol you use. The rest of the entry, //www.Microsoft\.com, is the address of the computer.
=======================================================================
nnotes13.html PAGE 9 2001/10/17
http:// = How
www.microsoft.com = Where
default.htm = What
The entry below shows how to access the Microsoft FTP server. In this case you are using
the FTP protocol.
FTP (File Transfer Protocol
FTP is a common file transfer protocol, and FTP support is one method of supporting remote
networks. FTP servers can provide vast amounts of information stored as files. The data in these
files cannot be accessed directly, instead the entire file must be transferred from the FTP server to
the local computer. The file-transfer program is for TCP/IP environments and is implemented at
the Application layer of the OSI model.
When you seek to download files from manufacturers’ Web sites, the often refer to their FTP sites.
The reason for this is that FTP is much faster and better for file transfers and it keeps their WE side
open for other users.
Electronic Mail (E-MAIL)
Electronic Mail the sending and receiving of electronic messages is currently one of the most popular
activities on the Internet. E-mail is a staple on most commercial online service and for many people
is the primary reason for getting on the Internet or subscribing to an online service.
To send E-Mail, you must know the recipient’s E-mail address. These addresses are composed of
the user’s identification, followed by the @sign, followed by the location of the recipient’s computer.
For example, the e-mail address of the President of the
The last three letters indicate this location is a government-sponsored domain on the Internet.
When you access the Internet through a local service provider or one of the large commercial online
services, you can exchange e-mail without incurring the expense of a long-distance telephone call.
E-mail has the added advantage of allowing you to access messages at your convenience. You can
also send an identical message to multiple recipients at one time.
Samples of E-MAIL are: Outlook, Lantastic, Lotus Notes, Send Mail
=======================================================================
nnotes13.html PAGE 10 2001/10/17
News
NNTP, Network News Transfer Protocol, is an Internet standard protocol defined for distribution,
inquiry, retrieval, and posting of news articles. USENET is a popular use of NNTP. Larger, than
CNN (1/2 million news groups, but not live coverage). Similar to E-Mail, lots of people can view it.
Telnet
Telnet was one of the first Internet protocols developed and can be used to act as a remote terminal
to an Internet host. When you connect to an Internet host, your computer acts as if your keyboard
is attached to the remote computer.
Internet Sites
Many companies offer various types of support through Internet sites. For example, Microsoft
maintains an Internet server that recognizes FTP. The FTP server contains product information,
drivers, and other features for the network administrator or technician.
Locating Resources
Today, network vendors have Web sites that serve as important resources for network troubleshooters.
If you do not know the URL for your vendor, try typing the vendorname.com. If that does not work,
use a search engine to look for the company name. Be sure to look through all the results; the
information you seek might not be on the first page of the results. If your search yields hundreds or
thousands of results, try refining the search. Most sites have instructions on how to narrow your
search to the item you want. And finally, if you do not get the results you are seeking, try a different
search engine.
Locating resources on the Internet is possible because each resource on the Internet has an address.
The programs known as browsers use these resource addresses and search engines to help users
find information on a specific topic.
Browsers
To browse the WEB you need a graphical interface called a Web Browser. Some common Web
browsers are Mosaic, Netscape, and Microsoft Internet Explorer. Once you have your browser and
an Internet connection, accessing the Internet is fairly straightforward. Because so much information
is provided on so many sites, search sites have proliferated to help users access the wealth of information
that continues to appear on the Internet. To access them, all you need is their URL. Some of the more
common search sites are:
=======================================================================
nnotes13.html PAGE 11 2001/10/17
Making an Internet Connection:
In order to access servers on the Internet, your computer needs to be connected to the Internet WAN.
|
Web
Browser |
|
WinSock |
|
TCP/IP |
|
Internet Service Protocol |
=======================================================================
nnotes13.html PAGE 12 2001/10/17
There are currently two basic ways to physically connect to the Internet. The first is through dial-up
lines, this is the most widely used. The second method for connecting to the Internet is an ISDN
connection.
Dial-up
There are several variations on the dial-up account, that provide different capabilities, depending on
the protocols used. All these connections require the Internet Protocol, and are therefore, called IP
accounts. The three types of IP accounts are Point-to-Point Protocol (PPP), Serial Line Internet
Protocol (SLIP), and CSLIP, which is a compressed version of SLIP.PPP is the emerging connection
of choice because it is faster and more reliable than other IP account types. But PPP is also more
complex, so many computer platforms still only have built-in support for SLIP. Supplemental
programs are being developed to enable most platforms to support PPP accounts. In addition to
the increased flexibility of PP, it also offers a dynamic allocation of IP addresses similar to Dynamic
Host Configuration Protocol (DHCP), which makes logging on to the service simpler than having
you provide a valid IP address. With a SLIP account, an automated script is generally used to
make logging on more automatic. SLIP
is quicker than PPP.
With both SLIP and PPP, the provider gives you a temporary IP address on the Internet and you
can run any WinSock program (a program written to follow the Windows sockets specifications)
on it. This includes graphical Web browsers such as Mosaic, Netscape, or Microsoft Internet
Explorer.
ISDN
ISDN provides a faster connection and can be more economical than dial-up service, if it is offered
in your local area code. Theoretically, both dial-up and the ISDN methods can connect single-user
accounts or multiple-user account to the Internet. Dial-up accounts are probably most affordable
for individual users, but ISDN provides a more economical solution for LANs, which connect
multiple users at a specific location to the Internet.
If you connect directly to the Internet or are directly connected to a service provider, the computers
on the Internet are essentially a part of your WAN, which means that you can access them directly.
One issue to be aware of with this is that you are also accessible to them, which can lead to potential
security concerns. For this reason, it is common for organizations using a direct connection to set up
a special machine, called a proxy agent, to act as a gateway between their local network and the
Internet. The proxy agent filters request over the gateway and makes it more difficult for unauthorized
requests to reach the local network.