November 27, 2023

How to troubleshoot network?

ForewordHi everyone, I'm Mr. Lin. Many students do not know how to troubleshoot network errors. Let's take a look at knowledge worth learning! Text1. Network troubleshooting prerequisites

Why are there prerequisites? Because network troubleshooting mentioned here doesn't just stop at using some small command, but at a set of systematic methods. Without these conditions, I really cannot guarantee that you will understand following and be able to put it into practice, so let's take a look at these basic terms first.

1. Introduction to seven-layer OSI model and TCP/IP protocol stack

This should be most basic knowledge of network troubleshooting.

Whether it's seven-layer OSI model or DoD model, it's used to describe process of networking so that we can have a common process of sending and receiving network data. The seven-layer OSI model corresponds to protocol of seven-layer OSI model, and DoD model corresponds to protocol of DoD model, that is, TCP/IP protocol stack.

Protocols in TCP/IP protocol stack are very important, such as DNS, TCP, UDP, IP, ICMP, ARP. "It's so detailed, but at least we should know basic functions of these protocols. I don't think one or two of them can explain it. It's still same phrase, Baidu itself.

2. Understand underlying network communication hardware and its corresponding OSI layer

The most basic network devices such as switches, three-layer switches, routers, and firewalls need to have some understanding, especially their respective OSI layers and functions. For example, conventional two-layer switches correspond to data links in seven OSIs. model layer, it can isolate contention domain, and can isolate broadcast domain with virtual local area network (VLAN) technology. Addressing functions, etc.

3. Understanding basic architecture of SMB networks

The basic structure of a typical SMB network is as follows: access layer - aggregation layer - core layer - network output.

Here is picture:

How to troubleshoot network?

If network environment is relatively large, it will have both a convergence layer and a base layer. As here, there is no direct level of convergence, but idea is same. The troubleshooting below is actually for user's PC, essentially data center network troubleshooting is similar. As complex as network environment is, it is in fact similar to this one in a simplified form.

4. Check out commonly used commands for network troubleshooting

If user is using Windows operating system, following commands are very important:

If you're using a Linux operating system, there are corresponding corresponding commands. In fact, ultimately, you need to be familiar with hardware you're using. Of course, in actual network troubleshooting process, if it's just checking for a normal network connection, you can replace hardware you're using. familiar with.

5. Clearly understand important principle of network troubleshooting

Troubleshooting network isn't just about figuring out where network problem is, so you need to know direction of data.

So this is an important principle: pay attention to direction of data.

The idea of ​​network troubleshooting mentioned below is actually to narrow down network failure points step by step by monitoring direction of data, so it's very, very important to always keep that point in mind! That's why above should help you understand basic architecture of SMB networks.

Second, basic idea of ​​network troubleshooting

The basic idea is this, which should be similar to what most people on internet have written.

(1) Check if there are any problems with physical link

(2) Check for problems with machine's IP address, routing, and DNS settings

(3) Check smooth operation of gateway or router. Test gateway first, then router, test layer by layer

(4) Check smoothness of checking public network IP address (usually remember several external IP addresses)

(5) Check DNS continuity, you can directly ping website address

3. Detailed network troubleshooting

To better describe network troubleshooting process and ideas, let's assume we have following network environment:

(Explanation: although this is a hypothesis, network environment is actually set up by blogger via GNS3 VM and real network, so it can be used as a real link)

How to troubleshoot network?

Next, we will take above network environment as an example to detail our network troubleshooting ideas, how to perform each step, why each step is performed, and what information we can get after that.

(1) Check if there are any problems with physical link

This step is first step I personally think you should take when troubleshooting your network! I often hear from friends that host's computer can't be connected to internet and I have to go troubleshoot. This is truly a tragedy, not to mention wasting a lot of time, such an idea of ​​network troubleshooting is inherently wrong.

Because perhaps not everyone can go to computer room to check wiring of switch, so at this stage focus of our investigation should be placed in place shown in figure below:

How to troubleshoot network?

At this stage, following points should be checked:

1. Make sure there are no problems with network card of computer itself

2. Make sure there are no problems with connected network cable

3. The switch connected to this machine (if you can go to computer room to check)

If there are no problems in above investigations, then there is a problem with other devices in network environment. Troubleshooting in this range is relatively simple as it only deals with physical link connectivity issues.

For this kind of testing, you can use a line tester, but my personal opinion is that it would be a good idea to take a properly configured laptop for testing.

(2) Check for problems with machine's IP address, routing, and DNS settings

In first step above, there is no problem with investigating physical connection, i.e. after connecting computer to internet cable, computer responds and can be identified, but network is still disconnected. In this step, you must first connect to a computer.

In this step, we will focus on following:

1.Setting IP address

If you are using DHCP auto-obtain method, you only need to check if auto-obtaining IP settings is enabled in your local computer settings and if appropriate services are enabled;

If you are using a static IP address, you should pay attention to whether there are any errors in filling IP address (provided by public network administrator) and whether there are any problems with subnet mask of IP address (this is very important for a static IP. Many people make mistakes here, advice is that it's best to learn IP address knowledge and VLSM).

Typically, you can use following command to view it:

How to troubleshoot network?

2. Routing settings

For servers and PCs, this usually refers to default gateway setting; for router or Layer 3 switch itself, this is a static or dynamic routing setting.

3. DNS settings

The main goal is to make sure that DNS server address you set provides domain name resolution service or that it is not a failure. As to how to judge, method will be given later. The focus here is that you must set correct DNS server address or it can be obtained automatically. On Windows, you can view it with following command:

How to troubleshoot network?

(3) Check smooth operation of gateway or router. Test gateway first, then router, test layer by layer

In above network environment, when network is connected, we use tracert -d command on computer and the following results will be obtained:

How to troubleshoot network?

Thanks to this test result, we can clearly see direction of data when computer connects to Internet:

How to troubleshoot network?

According to this trend of data, we can get an important idea, which is to determine smoothness of network according to trend of data! So we can split it into two steps:

1. First, check smooth connection of computer to gateway 192.168.2.254

How to troubleshoot network?

We can ping gateway address on our own machine to see if there is a response

How to troubleshoot network?

Typically, this evaluation method is relatively fast, but sometimes, no matter how you ping you can't, then following situations may occur:

a. Gateway set to disable ping

b. Gateway interface or gateway device failure

It is rare for a to restrict ping operations on these devices, and certainly not necessary, except for very strict requirements such as network security. After pinging gateway 192.168.2.254, ping 172.16.13.1 again to ensure there are no problems between computer and gateway as a whole.

If ping fails, I personally recommend doing following on your computer:

How to troubleshoot network?

That is, check if computer itself has obtained MAC address of gateway. Obviously, if there is no gateway MAC address, it is impossible to ping gateway. After fixing problem of computer's previous settings, you can guess that it is gateway. If there is a problem with device, you can contact a network engineer to check gateway device.

2. Test smoothness of other routers

There are no problems in previous step, that is, connection between computer and gateway is normal, and then check smooth connection of gateway to egress router:

How to troubleshoot network?

Here we can use tracert -d:

How to troubleshoot network?

Of course, if that fails, it could be:

a. Physical link between gateway device and router

b. Set problems between gateway device and router, such as routing protocol, interface configuration, etc.

If above situation occurs, it's a network engineer's problem. Of course, if you are a network engineer, you should immediately check status of device to see if there is a problem with device.

The above steps are done assuming there are no problems with outgoing router settings such as NAT settings, default routing, etc., then we can roughly determine that underlying intranet communication is normal (at at least your computer and there is no communication problem with output router), we should see if computer can access Internet.

(4) Check smoothness of checking public network IP address (usually remember several external IP addresses)

When you get to this step, it means there are no problems with first three steps. That is, communication in local network is working fine. What you need to do at this time is evaluate the local network. LAN and external network (public network) Is there a communication problem between:

How to troubleshoot network?

This uses a method of directly pinging the public network address to eliminate DNS influence (in case there is a problem with your DNS settings). you can ping some. There is no public DNS server address that prohibits ping, such as 114.114.114.114 and 8.8.8.8:

How to troubleshoot network?

You can then confirm that there are no network problems. Of course, this does not apply to situation of placing a firewall at exit, idea is essentially same, but you need to consider whether your access data is filtered by firewall, is it filtered when data leaves, or is data filtered when it comes back? Since it also involves setting up a firewall, it will not be mentioned here, but it is still necessary to pay attention to this point.

(5) Check DNS continuity, you can directly ping website address

As stated in title, you can directly ping website address to see if there is an IP echo. As to whether it can be connected or not, that's another matter. As long as IP address can be echoed, then there is no problem with DNS, but we also need to talk about nslookup command, this is a very useful command, I usually use it when troubleshooting network problems:

How to troubleshoot network?

Of course, it can also be used like this:

How to troubleshoot network?

Using nslookup command has two functions:

1. Help me check if there are any problems with installed DNS server

2. Without thinking about whether a DNS server is smart or not, you can roughly judge pros and cons of a DNS server by speed of repeating an IP address

This way you can make full use of nslookup command.

Related