Network+ Guide to Networks,
Fourth Edition
Chapter 12
Troubleshooting Network Problems
Network+ Guide to Networks, 4E 2
Objectives
•! Describe the steps involved in an effective
troubleshooting methodology
•! Follow a systematic troubleshooting process to
identify and resolve networking problems
•! Document symptoms, solutions, and results when
troubleshooting network problems
•! Use a variety of software and hardware tools to
diagnose problems
Network+ Guide to Networks, 4E 3
Troubleshooting Methodology
•! Steps for troubleshooting network problems:
–! Identify symptoms and potential causes
–! Identify affected area
–! Establish what has changed
–! Select most probable cause
•! Verify user competency
•! Re-create problem
•! Verify physical integrity of network connection
•! Verify logical integrity of network connection
Network+ Guide to Networks, 4E 4
Troubleshooting Methodology
(continued)
•! Steps for troubleshooting network problems
(continued):
–! Implement an action plan and solution and be
prepared for all potential effects
–! Test the result
–! Identify results and effects of solution
–! Document solution and process
Network+ Guide to Networks, 4E 5
Identify the Symptoms and Potential
Causes
•! Questions that may help identify non-obvious symptoms:
–! Access to network affected?
–! Network performance affected?
–! Data and/or programs affected?
–! Only certain network services affected?
–! Problems include local application, networked application, or multiple networked applications?
–! Specific error messages reported?
–! One user or multiple users affected?
–! Symptoms manifested consistently?
Network+ Guide to Networks, 4E 6
Identify the Affected Area
Figure 12-1: Identifying the area affected by a problem
Network+ Guide to Networks, 4E 7
Identify the Affected Area (continued)
Figure 12-1 (continued): Identifying the area affected by a
problem
Network+ Guide to Networks, 4E 8
Identify the Affected Area (continued)
Figure 12-2: Identifying the chronological scope of a problem
Network+ Guide to Networks, 4E 9
Identify the Affected Area (continued)
Figure 12-2 (continued): Identifying the chronological scope of a
problem
Network+ Guide to Networks, 4E 10
Establish What Has Changed
•! Questions to help pinpoint problems resulting from
a network change:
–! OS or configuration on a server, workstation, or
connectivity device changed?
–! New components added to server, workstation, or
connectivity device?
–! Old components removed from server, workstation,
or connectivity device?
–! New users or segments added to the network?
–! Server, workstation, or connectivity device moved
from previous location to new location?
Network+ Guide to Networks, 4E 11
Establish What Has Changed
(continued)
•! Questions to help pinpoint problems resulting from
a network change (continued):
–! Was a server, workstation, or connectivity device
replaced?
–! Was new software installed on a server, workstation,
or connectivity device?
–! Was old software removed from a server,
workstation, or connectivity device?
Network+ Guide to Networks, 4E 12
Establish What Has Changed
(continued)
•! Two ways to react to problems caused by network
changes:
–! Attempt to correct problem
–! Attempt to reverse change and restore hardware or
software to previous state
•! Complete network change records should be kept
–! Make available to staff members
Network+ Guide to Networks, 4E 13
Select the Most Probable Cause:
Verify User Competency
•! Ensure that human error is not source of problem
•! Problems caused by human error usually simple to
solve
•! Best way to verify that a user is performing network
tasks correctly is to watch them
Network+ Guide to Networks, 4E 14
Re-create the Problem
•! Try to reproduce symptoms both while logged on as the user who reported the problem and while logged on under a privileged account
•! Questions to help determine whether a problem’s symptoms are truly reproducible:
–! Make symptoms recur every time?
–! Make symptoms recur some of the time?
–! Symptoms happen only under certain circumstances?
–! Symptoms consistent no matter how many and which programs or files user has open?
Network+ Guide to Networks, 4E 15
Verify Physical Connectivity
•! Many network problems occur at Physical layer
–! Symptoms of Physical Layer problems: continuous
or intermittent inability to connect to network and
perform network related functions
–! Possible causes of Physical Layer problems:
•! Segment or network lengths exceeding IEEE
maximum standards
•! Noise affecting wireless or wire-bound signal
•! Improper terminations, faulty connectors, loose connectors, or poorly crimped connections
•! Damaged cables
•! Faulty NICs
Network+ Guide to Networks, 4E 16
Verify Physical Connectivity
(continued)
•! Diagnosing Physical Layer problems:
–! Device turned on?
–! NIC properly inserted?
–! For wireless NICs, antenna turned on?
–! Device’s network cable properly connected to both
NIC and wall jack?
–! Patch cables properly connect punch-down blocks to
patch panels and patch panels to hubs or switches?
Network+ Guide to Networks, 4E 17
Verify Physical Connectivity
(continued)
•! Diagnosing Physical Layer problems (continued):
–! Hub, router, or switch properly connected to
backbone?
–! Cables in good condition?
–! Connectors in good condition and properly seated?
–! Network lengths conform to IEEE 802
specifications?
–! Devices configured properly to work with network
type or speed?
Network+ Guide to Networks, 4E 18
Verify Physical Connectivity
(continued)
•! Swapping equipment:
–! If you suspect problem lies with a network
component, easy to test theory by exchanging for a
functional component
–! Cables, ports, data jacks, network adapters
–! Difficult to swap routers and switches
Network+ Guide to Networks, 4E 19
Verify Physical Connectivity
(continued)
Figure 12-3: Verifying physical connectivity
Network+ Guide to Networks, 4E 20
Verify Physical Connectivity
(continued)
Figure 12-3 (continued): Verifying physical connectivity
Network+ Guide to Networks, 4E 21
Verify Logical Connectivity
•! Questions to help identify logical connectivity problems:
–! Error messages reference damaged or missing files or device drivers?
–! Error messages reference malfunctioning or insufficient resources?
–! OS, configuration, or application been recently changed, introduced, or deleted?
–! Problem occurs with only one application or a few, similar applications?
–! Problem happens consistently?
–! Problem affects single user or one group of users?
Network+ Guide to Networks, 4E 22
Implement an Action Plan and Solution
Including Potential Effects
•! Scope: assess scope of solution before implementing
•! Tradeoffs: solution may restore functionality for one group of users, but remove it for others
•! Security: solution may inadvertently result in addition or removal of network access or resource privileges for a user or group of users
•! Scalability: does solution position network for additions and enhancements later on
•! Cost: if solution requires significant software or hardware cost, weigh options carefully
Network+ Guide to Networks, 4E 23
Implement an Action Plan and Solution
Including Potential Effects (continued)
•! Use vendor information: nothing to lose by referring to manual, except a little time
–! Manuals, online information, technical support
•! Implement the solution:
–! Collect all documentation about problem’s symptoms
–! Make backups, keep old parts, print configurations
–! Perform change, replacement, move, or addition
–! Test solution
–! Clean up
–! Document solution and results
–! Revisit problem later
Network+ Guide to Networks, 4E 24
Test the Results
•! Must verify that problem solved properly
–! Type of testing depends on solution
–! Depends on area affected by problem
•! May not be able to test solution immediately after
implementing it
Network+ Guide to Networks, 4E 25
Identify the Results and Effects
of the Solution
•! Should be able to determine how and why solution
was successful and effects on users and
functionality
•! Want to avoid creating unintended, negative
consequences as result of solution
Network+ Guide to Networks, 4E 26
Document the Solution and Process
•! Always record symptoms and cause(s) of a
problem and solution
–! Impossible to remember circumstances of each
incident
–! Networking personnel frequently change jobs
Network+ Guide to Networks, 4E 27
Staff Involved in Troubleshooting
•! Many staff members may contribute to
troubleshooting network problems
–! Help desk analysts often first-level support
•! Creates record for incident and attempts to diagnose
problem
–! Second-level support analyst has specialized
knowledge in one or more aspects of a network
–! Most help desks include a help desk coordinator
•! Ensures analysts divided into correct teams,
schedules shifts, maintains infrastructure to enable
analysts to better perform their jobs
Network+ Guide to Networks, 4E 28
Record Problems and Resolutions
•! Call tracking system: software used for documenting problems
–! If no call tracking system, should keep records in electronic form
•! Name, department, phone number of problem originator
•! Software- or hardware-related problem?
•! Software package or device/component to which it pertains
•! Symptoms of problem
•! Name/telephone number of network support contact
•! Time spent troubleshooting
•! Resolution
Network+ Guide to Networks, 4E 29
Notify Others of Change
•! Record resolution in call tracking system
•! Notify others of solution and what, if anything,
needed to change to fix problem
–! Alerts others about problem and solution
–! Notifies others of network changes made, in case
they affect other services
•! Change management system: process or program
that provides support personnel with centralized
means of documenting network changes
Network+ Guide to Networks, 4E 30
Notify Others of Change (continued)
•! Types of changes that network personnel should
record in change management system:
–! Adding or upgrading software or hardware
–! Changing network properties of network device
–! Increasing or decreasing rights for group of users
–! Physically moving networked devices
–! Moving user accounts, files, and directories
–! Making changes in processes
–! Making changes in vendor policies or relationships
Network+ Guide to Networks, 4E 31
Help to Prevent Future Problems
•! Not all problems are preventable, but many can be
avoided
–! Perform regular network health checks
•! Even continual network monitoring
•! When planning or upgrading a network, think about
how good network designs and policies can
prevent later problems
Quick Quiz 1
True or False: The first step in
troubleshooting a network problem
is to identify the affected area.
Network+ Guide to Networks, 4E 32
Quick Quiz 1
True or False: The first step in
troubleshooting a network problem
is to identify the affected area.
Answer: False
Network+ Guide to Networks, 4E 33
Quick Quiz 1
True or False: As you begin
troubleshooting, you should be
aware of any recent changes to
your network.
Network+ Guide to Networks, 4E 34
Quick Quiz 1
True or False: As you begin
troubleshooting, you should be
aware of any recent changes to
your network.
Answer: True
Network+ Guide to Networks, 4E 35
Quick Quiz 1
True or False: A problem caused
by human error is usually difficult
to solve.
Network+ Guide to Networks, 4E 36
Quick Quiz 1
True or False: A problem caused
by human error is usually difficult
to solve.
Answer: False
Network+ Guide to Networks, 4E 37
Quick Quiz 1
True or False: Physical
connectivity problems do not
typically result in software
application anomalies.
Network+ Guide to Networks, 4E 38
Quick Quiz 1
True or False: Physical
connectivity problems do not
typically result in software
application anomalies.
Answer: True
Network+ Guide to Networks, 4E 39
Quick Quiz 1
Networked applications, the NOS,
and hardware configurations (such
as NIC IRQ settings) all belong in
the category of _____ connectivity.
Network+ Guide to Networks, 4E 40
Quick Quiz 1
Networked applications, the NOS,
and hardware configurations (such
as NIC IRQ settings) all belong in
the category of _____ connectivity.
Answer: logical
Network+ Guide to Networks, 4E 41
Quick Quiz 1
A(n) _____ system is a process or
program that provides support
personnel with a centralized
means of documenting changes to
the network
Network+ Guide to Networks, 4E 42
Quick Quiz 1
A(n) _____ system is a process or
program that provides support
personnel with a centralized
means of documenting changes to
the network
Answer: change management
Network+ Guide to Networks, 4E 43
End Part 1
Network+ Guide to Networks, 4E 44
Begin Part 2
Network+ Guide to Networks, 4E 45
Network+ Guide to Networks, 4E 46
Troubleshooting Tools:
Crossover Cable
•! Transmit and receive wire pairs in one connector
are reversed
–! Directly interconnect two nodes without using an
intervening connectivity device
–! Useful for quickly and easily verifying that node’s
NIC is transmitting and receiving signals properly
Network+ Guide to Networks, 4E 47
Tone Generator and Tone Locator
•! Telecommunications closets often disorganized
and poorly documented
•! Tone generator: Issues signal on wire pair
•! Tone locator: Emits tone when it detects electrical
activity on wire pair
•! Cannot be used to determine cable characteristics
–! Such as whether it has defects or whether its length
exceeds IEEE standards for a certain type of
network
Network+ Guide to Networks, 4E 48
Tone Generator and Tone Locator
(continued)
Figure 12-4: Use of a tone generator and tone locator
Network+ Guide to Networks, 4E 49
Multimeter
•! Can measure many characteristics of an electric
circuit, including its resistance and voltage
•! Voltmeter: measures voltage of electric current
•! Ohmmeter: measures resistance
–! Every type of wire has different resistance
characteristics
•! Impedance: resistance that contributes to
controlling signal
–! Telltale factor for ascertaining location of faults in a
cable
Network+ Guide to Networks, 4E 50
Cable Continuity Testers
•! Test whether cable carrying signal to destination
–! When used on copper-based cables, applies small
voltage to each conductor at one end of a cable
•! Checks whether voltage detectable at other end
•! Two parts:
–! Base unit: generates voltage
–! Remote unit: detects voltage
•! Some verify that wires in UTP or STP cables paired
correctly and are not shorted, exposed, or crossed
Network+ Guide to Networks, 4E 51
Cable Continuity Testers (continued)
Figure 12-6: Cable continuity testers
Network+ Guide to Networks, 4E 52
Cable Performance Testers
•! Accomplishes same continuity and fault tests as a
continuity tester, and more
•! Performance testers perform following tasks:
–! Measure distance to connectivity device, termination
point, or cable fault
–! Measure attenuation along cable
–! Measure near-end crosstalk between wires
–! Measure termination resistance and impedance
–! Pass/fail ratings for CAT 3, 5, 5e, 6, or 7 standards
Network+ Guide to Networks, 4E 53
Cable Performance Testers
(continued)
•! Performance testers perform following tasks
(continued):
–! Store and print cable testing results or directly save
data
–! Graphically depict cable’s attenuation and crosstalk
characteristics over length of cable
•! Time domain reflectometer (TDR): issues signal on
cable and measures way signal reflects
•! Optical time domain reflectometer (OTDR): used
for fiber optic cables
Network+ Guide to Networks, 4E 54
Cable Performance Testers
(continued)
Figure 12-7: A performance tester
Network+ Guide to Networks, 4E 55
Network Monitors
•! Software tool that continually monitors network
traffic from a server or workstation
–! Typically can interpret up to Layer 3
–! Determines protocols passed by each frame
–! Can’t interpret data inside frames
•! Many available programs:
–! Microsoft Network Monitor ships with Windows
Server 2003
–! Novell NETMON comes with NetWare 5.x and 6.x
–! Many others available
Network+ Guide to Networks, 4E 56
Network Monitors (continued)
•! Network monitoring tools perform following
functions:
–! Continuously monitor network traffic on segment
–! Capture network data transmitted on segment
–! Capture frames sent to or from specific node
–! Reproduce network conditions by transmitting
selected amount and type of data
–! Generate statistics about network activity
Network+ Guide to Networks, 4E 57
Network Monitors (continued)
•! Some network monitoring tools can also:
–! Discover all network nodes on a segment
–! Establish a baseline
•! Record of how network operates under normal
conditions, including performance, collision rate,
utilization rate, and so on
–! Store traffic data and generate reports
–! Trigger alarms when traffic conditions meet
preconfigured conditions
Network+ Guide to Networks, 4E 58
Network Monitors (continued)
•! Data errors that can be distinguished:
–! Local collisions
–! Late collisions
–! Runts
–! Giants
–! Jabber
–! Negative frame sequence checks
–! Ghosts
Network+ Guide to Networks, 4E 59
Protocol Analyzers
•! Capture traffic and analyze frames
–! Typically up to Layer 7
–! Can interpret payload portion of frames
•! Can generate traffic in attempt to reproduce network problem and monitor multiple network segments simultaneously
•! Hardware-based protocol analyzers exist
–! Sole job is to identify and assess network problems
–! Tailored to particular type of network
•! May collect more information than can be processed
Network+ Guide to Networks, 4E 60
Protocol Analyzers (continued)
Figure 12-8: Traffic displayed by protocol type
Network+ Guide to Networks, 4E 61
Wireless Network Testers
•! To test wireless connections, stations, or APs, need tools that contain wireless NICs and run wireless protocols
•! Programs exist that can scan for wireless signals over a geographical range and discover all APs and wireless stations transmitting in area
–! Determine whether AP functioning properly
–! Determine whether AP positioned correctly
–! Determine whether stations and APs are communicating over proper channels within a frequency band
Network+ Guide to Networks, 4E 62
Wireless Network Testers (continued)
•! Some programs can capture data transmitted
between stations and APs
–! Useful for troubleshooting wireless connection
problems
•! Some programs contain a spectrum analyzer
–! Assess quality of wireless signal
–! Ascertain where noise (or interference) is greatest
Network+ Guide to Networks, 4E 63
Wireless Network Testers (continued)
•! Capabilities common to wireless network testers:
–! Identify transmitting APs and stations and channels
over which they are communicating
–! Measure signal strength from and determine range
of AP
–! Indicate effects of attenuation, signal loss, and noise
–! Interpret signal strength information
Network+ Guide to Networks, 4E 64
Wireless Network Testers (continued)
•! Capabilities common to wireless network testers
(continued):
–! Ensure proper association and reassociation when
moving between APs
–! Capture/interpret traffic exchanged between wireless
APs and stations
–! Measure throughput and assess data transmission
errors
–! Analyze the characteristics of each channel within a
frequency band to indicate the clearest channels
Network+ Guide to Networks, 4E 65
Wireless Network Testers (continued)
Figure 12-10: Wireless network testing tool
Quick Quiz 2
In a(n) _____ cable, the transmit
and receive wire pairs in one of the
connectors are reversed.
Network+ Guide to Networks, 4E 66
Quick Quiz 2
In a(n) _____ cable, the transmit
and receive wire pairs in one of the
connectors are reversed.
Answer: crossover
Network+ Guide to Networks, 4E 67
Quick Quiz 2
A tone _____ is a device that
emits a tone when it detects
electrical activity on a wire pair.
Network+ Guide to Networks, 4E 68
Quick Quiz 2
A tone _____ is a device that
emits a tone when it detects
electrical activity on a wire pair.
Answer: locator
Network+ Guide to Networks, 4E 69
Quick Quiz 2
If you need to know more than
whether a cable is simply carrying
current, you can use a(n) _____
tester.
Network+ Guide to Networks, 4E 70
Quick Quiz 2
If you need to know more than
whether a cable is simply carrying
current, you can use a(n) _____
tester.
Answer: cable performance
Network+ Guide to Networks, 4E 71
Quick Quiz 2
_____ are frames that are not
actually data frames, but
aberrations caused by a device
misinterpreting stray voltage on
the wire.
Network+ Guide to Networks, 4E 72
Quick Quiz 2
_____ are frames that are not
actually data frames, but
aberrations caused by a device
misinterpreting stray voltage on
the wire.
Answer: Ghosts
Network+ Guide to Networks, 4E 73
Quick Quiz 2
A(n) _____ is a tool that can
capture traffic and analyze frames,
typically all the way to Layer 7 of
the
OSI Model.
Network+ Guide to Networks, 4E 74
Quick Quiz 2
A(n) _____ is a tool that can
capture traffic and analyze frames,
typically all the way to Layer 7 of
the
OSI Model.
Answer: protocol analyzer or
network analyzer
Network+ Guide to Networks, 4E 75
Network+ Guide to Networks, 4E 76
Summary
•! Key to solving network problems is to approach them methodically and logically, using your experience to inform your decisions, and knowing when to ask for someone else’s help
•! First step in troubleshooting is identifying the symptoms and potential causes for a problem
•! Second step in troubleshooting is to identify the affected area
•! At each point in the troubleshooting process, stop to consider what kind of changes have occurred on the network that might have created a problem
Network+ Guide to Networks, 4E 77
Summary (continued)
•! Based on an analysis of the symptoms and how
changes might have affected the network, select a
probable cause for the problem
•! After you have identified the probable cause,
implement an action plan and your solution, while
considering the potential effects of the solution
•! After implementing your solution, test your result to
ensure that you solved the problem and haven’t
created new problems
•! Next identify the effects and results of your solution
Network+ Guide to Networks, 4E 78
Summary (continued)
•! Last step in troubleshooting is to document the
solution and the process of solving the problem
•! A tone generator and tone locator are used to
identify the terminating location of a wire pair
•! A multimeter is a simple device that can measure
the voltage, resistance, impedance, and other
characteristics of an electrical circuit
•! Basic cable continuity testers determine whether
your cabling can provide connectivity
Network+ Guide to Networks, 4E 79
Summary (continued)
•! A network monitor is a software-based tool that
monitors network traffic from a server or
workstation attached to the network
•! Protocol analyzers can typically interpret data up to
Layer 7 of the OSI Model
•! Wireless network testing tools can be dedicated
instruments or software that run on a workstation
(usually a laptop)