Bitzenbytes.com

CompuClues Forum

  User  Password
Saturday, May 10, 2008 - 12:32 AM
Search
Main Menu
Who's Online
MEMBERS ONLINE

You are an anonymous user. You can register for free by clicking here
User name
Password
 Remember me
Firefox
Get Firefox 110
Languages
Preferred language:
Network Troubleshooting 101 - CompuClues Arcanum
Basic Network Troubleshooting 101
Date: February 10, 2002
From: NoClue

As I read some of the horror stories in the Broadband Forum, I began to see a need for an explanation of the various network troubleshooting tools that some of us get to use on a daily basis. Most of this troubleshooting involves checking for connectivity between devices, whether those devices are machines, routers, websites, mail servers, etc.

I guess I should start by explaining that the vast majority of network problems are caused by bad cabling. Keep a spare cable handy.

The tools:

Ping:

I once read that ping stands for ‘Packet InterNet Groper’. I’ve since read that it doesn’t stand for anything. I think ‘Packet Internet Groper’ is cool, so I’m sticking with it.

Ping verifies a connection to a remote computer or other device (or node) by sending Internet Control Message Protocol (ICMP) echo packets back and forth between them. Ping then reports information about the exchange:

Ping Command with Replies...
Figure 1


The picture above shows that 4 packets were received from the node 127.0.0.1, that those packets were 32 bytes in size, that it took less than 10 milliseconds per packet, and that the Time-To-Live (TTL) was 128 hops (each time a packet is forwarded to a node counts as one hop). After the packet reaches the TTL (128 hops), it would be discarded.

Ping also gives us some statistics about 127.0.0.1, 4 packets were sent and received, it didn’t lose any, and it happened faster than the machine can time it. There’s a reason for that. 127.0.0.1 is the loopback address, the address that your operating system uses to communicate with your network card. It is also sometimes called the localhost address.

A few definitions:

Hostname: Any computer that is attached to the internet (or any other TCP/IP network) is a host. Each host has a unique IP address. A host’s hostname is any Fully Qualified Domain Name (FQDN) that resolves to that IP address.

NetBIOS name: NetBIOS (Network Basic Input Output System) is an Advanced Programming Interface (API) used by LANs (Windows-based LANs at least, maybe others) that adds network functionality. The NetBIOS name (I’ll also refer to it as machinename quite a bit, and sometimes servername) is the name associated with each computer on the LAN. In Win9x, it’s the name you’ve put in the ‘Identification’ tab under ‘Network Properties’. In Win2000, it’s the first part of the FQDN that you’ve entered in the ‘Network Identification’ tab under ‘System Properties’.

Resolve/resolution: IP addresses are said to resolve to hostnames and vice versa. In the example above, the IP address 127.0.0.1 resolves to the hostname localhost. Try it and see...open a Command Prompt (DOS Prompt) and type ping localhost and hit Enter. Ping should report back “Pinging hostname [127.0.0.1] with 32 bytes of data”, along with the rest of the stuff we discussed above.

UNC Path: The Universal Naming Convention path in the form \\servername\sharename\ where servername is the NetBIOS name of the computer containing the shared resource. This can be extended to \\servername\sharename\directory\filename.

Gateway: A gateway, for the purposes of this article, is combination of hardware and software that connects your machine to the Internet. Any packets not destined for the local LAN are sent to the gateway.

DHCP: Dynamic Host Configuration Protocol lets a DHCP server dynamically assign IP addresses, gateways and DNS server numbers.

Let’s look at a theoretical network:

Fig.2 - Typical Network Topology for Internet Access...
Figure2


Please note that I’ve used fictitious hostnames and IP addresses (except for http://www.bitzenbytes.com/) for the purposes of this article. Your names and numbers will be different.

Think about what happens when you type a website into your browser, say http://www.bitzenbytes.com./ Your machine contacts your DNS server to resolve http://www.bitzenbytes.com/ to its IP address, 63.74.92.232. Your machine then attempts to contact 63.74.92.232 and, once the connection is made, requests the default web page, usually index.htm (or .html, or shtml, etc.). The webserver containing that page transmits it to your machine where it appears in your browser.

You can use ping to verify the connections between your operating system and your NIC, and between your computer and every other node on the internet.

Here are the basic steps, using the diagram above, assuming that I am testing from noclue1:

  1. Verify the loopback address: ping 127.0.0.1
  2. Verify the connection to your IP address: ping 68.999.999.990
  3. Verify the connection to another node on the LAN: ping 68.999.999.991
  4. Verify the connection to the gateway: ping 68.999.999.1
  5. Verify the connection to a node on a different network: ping 63.74.93.239

For each of these ping tests, you should have 4 replies.

Any of the IP addresses in these tests above can be replaced by the hostname or NetBIOS name (LAN only), for instance:

These can be especially helpful in troubleshooting resolution issues. For example, if I could ping 63.74.92.232 successfully (and get 4 replies) but I could not ping http://www.bitzenbytes.com/, it would indicate that my DNS server was down, or that I had the wrong settings in Network Properties (or that the wrong settings were assigned by the DHCP server).

I mentioned that these numbers are fictitious, and your numbers will be different, but how do you find out what numbers to use? Here’s what I do:

Open a command (DOS) prompt. Type in ipconfig /all and hit Enter. This will give you your current IP address, subnet mask, gateway, DHCP server and DNS servers. Jot this stuff down. Keep it in a safe place.

For hostname assigned to your IP address, type in tracert yourIPaddress, replacing, of course, yourIPaddress with the address you wrote down in the previous step.

To get the IP address and hostname of your mail server, ping the name you have in your email program's server settings; for instance, one of my settings just has ‘mail’ (Comcast, for the time being at least, will normally resolve ‘mail’ to your assigned mail server). I would type ping mail.

Keep all these hostnames and IP addresses handy. There may come a time when you will need them to troubleshoot your connection.

For more information on the ping command, check out the Windows Help file.

That’s enough for part 1. Next time we’ll dig a little deeper into the ipconfig, tracert and nslookup commands.
[Printer friendly page | Send to a friend]