This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Welcome to the chapter 'Network Troubleshooting'. This chapter describes how to identify problems in a network. It discusses troubleshooting, troubleshooting steps, resources required and troubleshooting tips.
In this chapter, you will learn to:
Explain how to identify a problem in a network
Discuss troubleshooting in wireless networks
Explain the troubleshooting steps
List the resources required for troubleshooting
Describe the troubleshooting tips
Note to Reviewer: An additional subtopic troubleshooting in wireless network is included.
16.1 Identifying the Network Problem
When a system administrator experiences any kind of network problem, it is always a challenge to get it resolved keeping in mind the network uptime expectation.
A systematic approach to resolve a problem is always helpful and the first thing that should be done is to narrow down to the exact root cause. Following are the tasks that help a system administrator in narrowing down to the exact root cause:
Check the basics.
Check what is causing the issue, hardware or software.
Check if the issue is at server or workstation.
Check if the issue is caused by internal malfunction or external intrusion.
16.1.1 The Basics
At times, the problem can be very basic, such as router, switch or server not switched on. In the zest to get the issue resolved, sometimes the basic is ignored and brains are overused thinking it to be a complex problem.
The basic checks that need to be kept in mind are as follows:
User Login: Check for valid users.
LED Status: Check the status of Light Emitting Diode (LED) link.
Log Files: Check for log files on Network Operating System (NOS).
Abnormal Activity: Check for abnormal activity.
In case, users are not able to login there are various reasons behind it. Some of the common reasons are as follows:
The user is not a valid user. This means that the user account is either deleted or disabled.
The group membership does not allow the user to login at that time or that day according to policy set.
The user is not entering the correct credentials, such as the password is misspelt, an old password is entered or the password is entered in the wrong case.
Network devices, such as router, switch, hub and the important Network Interface Card (NIC) have a link light. It is typically green in colour with the label link.
The status of the lights on the LED indicates the various types of operations and it helps in easy detection of network issues.
In case of network running on 10Base-T, the link light indicates that there is a logical connection between the NIC and hub or switch. In case the link light is static on both the devices, it means that both the devices are communicating properly.
Checking log files on NOS gives an idea of the errors that occurred in the workstation or server with respect to local devices or network devices.
System log on Windows server OS helps in identification of malfunctioning of a system device. It also helps in identification of network protocol issues.
Application log gives an idea about malfunctioning of an application. This can be software that is being used as a network application.
It is usually hard to find abnormal activities. However, monitoring tools are helpful. Many NOS come with built in monitoring tools to monitor network activity and report if some abnormal behaviour is detected.
16.1.2 Hardware or Software
It is very important to identify whether the root cause of the network problem is hardware or software.
If the link of the LED is fine, the network transmission is fine. This means that the most probable reason is some software, which has been installed or updated recently. .
Sometimes, patch or version upgrade for OS or antivirus can also cause a problem.
16.1.3 Server or Workstation
If a user is unable to login to a network, find out if there is an issue with the local workstation or the server.
If a user cannot logon locally to a workstation, try logging on from another workstation in the network. If that does not work, the issue is with the server and not the workstation.
16.1.4 External Intrusion
If everything within a network is working perfectly but still there seems to be an abnormal activity in the network, log on to the server and check the firewall.
Firewall serves as an indicator. It tells if there has been successful or unsuccessful intrusion by an external network user. The following is required to be checked in a network:
Whether a particular workstation or particular segment of a network has been affected.
Whether there is an issue with the hardware connection cabling, connectors and so on.
If NIC is binded with network protocols, an issue with the OS malfunctioning can also unbind the network device and its corresponding software part in the OS.
16.2 Troubleshooting in Wireless Network
Troubleshooting wireless networks is challenging for network administrators. Since both wired and wireless components have to be monitored, they need to design troubleshooting steps accordingly.
Table 16.1 explains the factors that affect wireless networks. Consider these factors while troubleshooting the wireless networks.
Wireless networks are more prone to interference as they transmit signals through radio waves.
Interference within the frequency ranges can be from bluetooth devices, cordless phones and other wireless devices.
Signal strength of wireless devices is affected by factors, such as interference intensity and distance between Wireless Access Point (WAP) a client.
Wireless networks can set up encryptions, such as Wired Equivalent Protocol (WEP) and Wi-Fi Protected Access 2 (WPA2) with Advanced
Encryption Standard (AES).
To avoid discrepancy while setting up encryption, ensure that the same encryption standard is used for a sender, a receiver and the relaying or amplifying WAP devices.
Wireless networks generally do not have configuration issues as they use channel 1, 6 or 11 between 2.4GHz or 5Ghz band. The client also auto configurethemselves to a channel that WAP is relaying.
These networks have more bandwidth. Therefore, the only reason for signal to get affected is that client and WAP do not tune into the same channel.
Wireless devices these days use 802.11g or 802.11b standard. Additionally, they have a console that can be used to set standards.
Always, ensure that both send and receive devices use the same standard.
Service Set Identifiers (SSID) Mismatch
Wireless devices have an SSID. Other wireless devices within the range are relayed this SSID. SSIDs can either be Basic Service Set Identifiers (BSSIDs), which identify an individual client or Extended Service Set Identifiers (ESSIDs) that identify a certain WAP.
Ensure that receiving devices detect the SSID. In case wireless card is unable to catch the signal from the WAP, either WAP or receiver device is not functioning properly or they are out of range.
Table 16.1: Factors Affecting Wireless Networks
16.3 Troubleshooting Steps
Troubleshooting requires step by step approach to ensure that problem is detected and solved.
Table 16.2 describes the troubleshooting steps in detail.
The first step is to collect data. Data collection helps in identifying symptoms and determining root cause of the issue.
Identify the affected areas
The second step is to identify the exact affected area in the network.
It is always essential to narrow down the problem to a specific workstation or a subnet of a small or a large network.
Determine the recent changes
The third step is determining the recent changes.
Information about the recent changes is very helpful in identifying the root cause.
Determine the probable root cause
The fourth step is determining the most probable root cause.
The third step is likely to suggest probable root cause but determining the root cause is more important.
Draft the action plan
The fifth step is drafting the action plan.
After collecting data on the recent changes, draft an action plan to resolve the issue.
Note: While preparing an action plan take into consideration short term and long term after effects.
Implement the action plan
The sixth step is to implement the action plan.
To resolve the issue, this step is very critical.
Remember to first implement the steps in a test environment before implementing it in real time.
Analyse the after effects
The seventh step is analysing the after effects.
Analyse short term and long term after effects.
Document the procedure
The eighth step is documenting the entire procedure.
Documentation includes entire process starting with arrival of the issue and ending with it being resolved. This step helps others while tackling a similar issue at a later point of time.
Table 16.2: Steps for Troubleshooting
At times the issue needs to be escalated to higher levels. Escalate at the very beginning when the administrator knows that it is out of knowledge, is not within the support boundaries or when initial troubleshooting steps taken fail to get the issue resolved.
Always follow the correct order while troubleshooting. Remember to first collect data, identify the root cause, create an action plan, implement the plan, analyse after effects and document the procedure.
16.4 Troubleshooting Resources
While troubleshooting hardware, one port of a switch should never be connected to a network as this port can be used for experimenting. Also, as a backup, keep one switch and a router in reserve.
Additionally, take back up of data including system data. Following are the resources required by a system administrator while troubleshooting:
Screw driver set
OS installation CD(s)
OS Updates and Patches CD
Monitoring tools software
Support contract phone number
16.5 Troubleshooting Tips
Till now the basics of network troubleshooting, troubleshooting steps and troubleshooting resources are covered. Some of the troubleshooting tips are as follows:
Never Ignore the Basics
It can be as simple as the link light on any network device not switched on. Human errors where system administrator has not turned on the power, left a cable unplugged, or mistyped a username and password are some basic and quite possible issues.
Identify the Priority Issues
In a scenario of multiple issues being reported at the same time, network administrator should always prioritise the tasks to be handled. This is usually in the order of the most important issues being addressed first. Following are some issues listed from the highest to the lowest priority:
Failure of entire network.
Particular subnet of users experiencing network connection issue.
Group of workstation affected by network.
Workstation rebooting continuously.
Workstation going into hung state intermittently.
Workstation applications going into a hung state intermittently.
Check for Software Configuration
Mostly root cause of network issues are related to software configuration. Following are required to be checked:
WINS configuration (not much in use nowadays)
In a Windows server OS, application and system log file can help identify nature of the issue.
Check for Hardware Issues
It is always advisable to take care of the physical environment of a server if it is optimised for factors such as location, temperature and humidity.
This becomes very helpful to determine the actual root cause and while troubleshooting. Things like Radio Frequency Identification (RFID), hardware cabling and Electromagnetic Interference (EMI) should be kept in mind. Tools, such as cable testers and LAN analyzer are very important.
Check for Software Issues
It is very much possible that software could also cause network issues. Some of the software issues are as follows:
Viruses, spyware and malware
OS service packs and updates
OS Security patch
Other software operating on the workstation
A good way of troubleshooting is to test a workstation with same changes and then gradually roll back the software changes. Rolling back one or more software updates resolves the issue immediately.
16.6 Chapter Review Questions
Which of the following is not to be checked while examining the basics?
Check for valid users.
Check the status of LED link.
Check if the issue is at workstation or server.
Check the log files.
The link light of network running on 10Base-T indicates that there is a logical connection between the NIC and ________.
None of these
Which of the following log on Windows server OS gives an idea if a system device is malfunctioning?
None of these
Which of the following statements are true?
If LED's link is blinking, it means that network transmission is fine.
If a user is unable to login to a network then find out if there is an issue with the local workstation or is it related to the server.
If everything within a network seems to be working fine but still there seems to be abnormal activity then check the firewall.
Many NOS come with built in monitoring tools to monitor a network activity.
Which of the following things can be checked within a network?
If particular workstation of a network has been affected.
If there is an issue with hardware connection.
If there is an issue with the OS malfunctioning.
All of these.
Which of the following factors should be considered while troubleshooting wireless networks?
_______ is the third step of the troubleshooting process?
Identifying the affected area.
Determining the recent changes.
Determining the root cause.
Drafting an action plan.
Which of the following helps in identifying symptoms and determining the root cause of the issue?
Implementing the action plan
Analysing the after effects
Collecting of data
Documenting the procedure
While troubleshooting hardware, one port of a switch should never be connected to the network so that it can be experimented. Is the statement true or false?
Which of the following network issue is of lowest priority?
Failure of entire network.
A group of workstations affected by network.
Workstation rebooting continuously.
Workstation applications going into a hung intermittently.
B, C, D
When a system administrator experiences any kind of network problem then it is essential to implement a systematic approach to resolve the problem. The first thing that should be done is to identify the network problem.
The basic checklist that should be kept in mind is check for valid users, check the status of LED link, check the log files and check for abnormal activity.
It is very important to identify whether the root cause of the network problem is hardware or software. If the link of the LED is fine, the network transmission is fine. This means that the most probable reason is some software, which has been installed or updated recently.
If a user cannot logon locally to a workstation then try logging on from another workstation within the network. If that does not work, the issue is with the server and not the workstation.
If everything within a network is working perfectly but still there seems to be an abnormal activity in the network, then log on to the server and check the firewall. Firewall serves as an indicator. It tells if there has been successful or unsuccessful intrusion by an external network user.
Troubleshooting wireless networks is challenging for network administrators. As both wired and wireless components have to be monitored and they need to design troubleshooting steps accordingly. The factors that should be considered while troubleshooting wireless networks are interference, incorrect encryption, incorrect channel, incorrect standard and SSID mismatch.
Troubleshooting steps are collecting the data, identifying the affected areas, determining the recent changes, determining the probable root cause, drafting an action plan, implementing the action plan, analysing after effects and documenting the procedure.
While troubleshooting hardware, one port of a switch should never be connected to a network so that it can be experimented. Also as a backup, keep one switch and a router in reserve.
A few troubleshooting tips are never ignore the basic, identify the priority issues, check for software configuration, check for hardware issues and check for software issues.
Application Log: It is a log file in Windows server OS that gives an idea if some application is malfunctioning or has crashed.
Basic Service Set Identifiers (BSSIDs): It is type of SSID that identifies an individual client.
Extended Service Set Identifiers (ESSIDs): It is type of SSID that identifies a certain WAP.
Firewall: It serves as an indicator. It tells if there has been successful or unsuccessful intrusion by an external network user.
Light Emitting Diode (LED): It is a link light that devices such as router, switch, hub and NIC have.
Monitoring Tools: Many NOS come with built in monitoring tools to monitor a network activity and report if any abnormal behaviour is detected.
Service Set Identifiers (SSID): It is a number that each Wireless device has, which is used to identify it.
System Log: It is a log file in Windows server OS that gives an idea if some system device is malfunctioning or some network protocol has an issue.