NETWORK CONFIGURATION

TROUBLE SHOOTING NETWORKS

Dr. Zeeshan Bhatti

Lecture 2

Troubleshooting Networks
How to Determine Network Configuration or Hardware

Problems

TROUBLESHOOTING
A network admins job is not just to set up a network, but
maintain it
Thus, if anything goes wrong, the admin should track down the
problem somehow
The problem may be a configuration error, which the admin should fix
The problem may be a hardware failure, which can only be fixed by
repairing or replacing the hardware
Nevertheless, the admin must determine which hardware has failed, so
this can happen

A TYPICAL SCENARIO
A user calls up the network admin, saying their network
connection is down
For most non-technical users, even this clear of a statement of the problem
might not be possible
A network admin will eventually figure at least this much out from the users
comments

STEP 1: TEST LOCAL CONNECTIVITY

First, an admin will try to connect to a local computer
cmd% ping frankie.csfac8.uwindsor.ca
ping: unknown host frankie.csfac8.uwindsor.ca

This could mean DNS servers are unavailable

The admin should check the DNS server addresses, and the servers

Next, the admin will make sure the IP address works

cmd% ping 137.207.140.93
Destination host unreachable.
Destination host unreachable.
Destination host unreachable.

This could mean no connectivity

The admin should check the configuration settings (ipconfig, netconfig, network-admin)
However, if the ping command responds from a router that a host is unreachable, the node may
actually be unreachable, or the address may not be bound
Obviously, we have connectivity since the router sent a message to us

HOW PING WORKS

Ping works by sending an ICMP Echo Reqest to the destination
The destination sends back an ICMP Echo Reply to the host
The host records the round trip time, and repeats the process a few
times

A PROBLEM WITH PING

ICMP Echo Requests are often disabled in some networks
This is due to denial of service attacks that use ICMP Echo Request/Reply

In these networks, ping will not work

CHECK CONFIGURATION SETTINGS

In Windows (2000/XP):
C:\> ipconfig
(success)
Windows IP Configuration
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . : csfac8.uwindsor.ca
IP Address. . . . . . . . . . . . : 192.168.137.71
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.137.2

(failure)
Windows IP Configuration
Ethernet adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected

EDIT CONFIGURATION SETTINGS

In Windows , editing your network configuration
settings can be done from TCP/IP properties
Open control panel, select Network Connections
Select your connection, click Properties
Select Internet Protocol (TCP/IP), click Properties
From here you can edit your configuration settings
manually, or specify that a DHCP should provide the
values for you

STEP 2: TEST REMOTE CONNECTIVITY

First, an admin will try to connect to a
local computer
cmd% ping www.google.ca
ping: unknown host www.google.ca

This could be a routing problem

Most likely the routing problem is within the organization
The network administrator should check the route using the
traceroute (traceroute, tracert) command
10

TESTING ROUTES
The traceroute command can give the logical
addresses of each router in a route
It may also tell you if there is a problem with the route

In Windows (2000/XP):
tracert www.google.ca
In Linux/Solaris:
traceroute www.google.ca
11

WINDOWS TRACERT OUTPUT

C:\>tracert www.google.ca
Tracing route to www.l.google.com [66.102.7.104]
over a maximum of 30 hops:
1 1 ms 1 ms 1 ms 192.168.1.1
2 23 ms 16 ms 20 ms 10.71.96.1
3 11 ms 13 ms 13 ms d226-4-1.home.cgocable.net [24.226.4.1]
4 30 ms 15 ms 18 ms cgowave-0-157.cgocable.net [24.226.0.157]
5 30 ms 17 ms 17 ms cgowave-0-101.cgocable.net [24.226.0.101]
6 29 ms 18 ms 17 ms gw-google.torontointernetxchange.net [198.32.245.6]
7 19 ms 37 ms 17 ms 66.249.94.75
8 44 ms 23 ms 31 ms 64.233.175.96
9 53 ms 40 ms * 64.233.175.96
10 98 ms 92 ms 86 ms 66.249.95.215
11 98 ms 89 ms 94 ms 216.239.49.142
12 88 ms 95 ms 90 ms 216.239.49.142
13 104 ms 98 ms 89 ms 216.239.49.142
14 99 ms 94 ms 88 ms 66.102.7.104
Trace complete.
12

WINDOWS TRACERT OUTPUT

The output contains lines like the following:
5 30 ms 17 ms 17 ms cgowave-0101.cgocable.net [24.226.0.101]
5: The 5th hop
30,17,17ms: Round trip times to/from the router
cgowave-0-101.cgocable.net [24.226.0.101]:
The domain name and address of the router
13

HOW DOES TRACEROUTE WORK?

Traceroute sends either a UDP or ICMP Echo
packet to the destination
Initially, the hop limit is set to 1, which causes the first
router to drop the packet
Routers, however, will respond with an ICMP Time Exceeded error
message, which contains the routers IP address
The process is repeated a few times to get a few round trip times
The domain name of the IP address is found (for convenience of
the network admin)

Next, the process is repeated with a hop limit of 2

Then 3, 4, etc. until the destination host is reached

14

A PROBLEM WITH TRACEROUTE

One problem with traceroute is that it could read a false path
If the routers reconfigure (e.g. due to congestion) during its execution, the
readings could be inaccurate

A1

A2

A2

D
B2

B2

15

A PROBLEM WITH TRACEROUTE

One problem with traceroute is that it could read a false path
If the routers reconfigure (e.g. due to congestion) during its execution, the
readings could be inaccurate

A1

A2

A1

A2

D
B2

B2

16

A PROBLEM WITH TRACEROUTE

One problem with traceroute is that it could read a false path
If the routers reconfigure (e.g. due to congestion) during its execution, the
readings could be inaccurate

A1

A2

A1

A2

A2

D
B2

B2

17

A PROBLEM WITH TRACEROUTE

One problem with traceroute is that it could read a false path
If the routers reconfigure (e.g. due to congestion) during its execution, the
readings could be inaccurate

A1

A2

A2

A1

A2

D
B2

B2

18

THE WINDOWS NETWORK DIAGNOSTIC COMMANDS

Ipconfig
Ipconfig is a Console Command which can be issued to the Command Line Interpreter (or command prompt)
to display the network settings currently assigned to any or all network adapters in the machine. This
command can be utilized to verify a network connection as well as to verify your network settings.

19

Netstat
Displays active TCP connections, ports on which the computer is listening, Ethernet statistics,
the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics
(for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). Used without parameters,
netstat displays active TCP connections.

20

Tracert
The tracert command is used to visually see a network packet being sent and received and the amount
of hops required for that packet to get to its destination.

Users with Microsoft Windows 2000 and Windows XP who need additional information network latency
and network loss should also consider using the patching command.

21

Ping
Helps in determining TCP/IP Networks IP address as well as determine issues with the network and
assists in resolving them.

22

Pathping
Provides information about network latency and network loss at intermediate hops between a source
and destination. Pathping sends multiple Echo Request messages to each router between a source and
destination over a period of time and then computes results based on the packets returned from each
router.

23

Nslookup
Displays information that you can use to diagnose Domain Name System (DNS) infrastructure. Before using this tool,
you should be familiar with how DNS works. The Nslookup command-line tool is available only if you have installed
the TCP/IP protocol.

24

THANKYOU

Q&A
For My Slides and Handouts

http://zeeshanacademy.blogspot.com/
https://www.facebook.com/drzeeshanacademy