 | Chapter 11 Troubleshooting TCP/IP |  |
| Chapter 11 Troubleshooting TCP/IP | |
Because most problems have a simple cause, developing a clear idea of the problem often provides the solution. Unfortunately, this is not always true, so in this section we begin to discuss the tools that can help you attack the most intractable problems. Many diagnostic tools are available, ranging from commercial systems with specialized hardware and software that may cost thousands of dollars, to free software that is available from the Internet. Many software tools are provided with your UNIX system. You should also keep some hardware tools handy.
To maintain the network's equipment and wiring you need some simple hand tools. A pair of needle-nose pliers and a few screwdrivers may be sufficient, but you may also need specialized tools. For example, attaching RJ45 connectors to Unshielded Twisted Pair (UTP) cable requires special crimping tools. It is usually easiest to buy a ready-made network maintenance toolkit from your cable vendor.
A full-featured cable tester is also useful. Modern cable testers are small hand-held units with a keypad and LCD display that test both thinnet or UTP cable. Tests are selected from the keyboard and results are displayed on the LCD screen. It is not necessary to interpret the results because the unit does that for you and displays the error condition in a simple text message. For example, a cable test might produce the message "Short at 74 feet." This tells you that the cable is shorted 74 feet away from the tester. What could be simpler? The proper test tools make it easier to locate, and therefore fix, cable problems.
A laptop computer can be a most useful piece of test equipment when properly configured. Install TCP/IP software on the laptop. Take it to the location where the user reports a network problem. Disconnect the Ethernet cable from the back of the user's system and attach it to the laptop. Configure the laptop with an appropriate address for the user's subnet and reboot it. Then ping various systems on the network and attach to one of the user's servers. If everything works, the fault is probably in the user's computer. The user trusts this test because it demonstrates something she does every day. She will have more confidence in the laptop than an unidentifiable piece of test equipment displaying the message "No faults found." If the test fails, the fault is probably in the network equipment or wiring. That's the time to bring out the cable tester.
Another advantage of using a laptop as a piece of test equipment is its inherent versatility. It runs a wide variety of test, diagnostic, and management software. Install UNIX on the laptop and run the software discussed in the rest of this chapter from your desktop or your laptop.
This book emphasizes free or "built-in" software diagnostic tools that run on UNIX systems. The software tools used in this chapter, and many more, are described in RFC 1470, FYI on a Network Management Tool Catalog: Tools for Monitoring and Debugging TCP/IP Internets and Interconnected Devices. A catchy title, and a very useful RFC! The tools listed in that catalog and discussed in this book are:
Provides information about the basic configuration of the interface. It is useful for detecting bad IP addresses, incorrect subnet masks, and improper broadcast addresses. Chapter 6, Configuring the Interface , covers ifconfig in detail. This tool is provided with the UNIX operating system.
Provides information about Ethernet/IP address translation. It can be used to detect systems on the local network that are configured with the wrong IP address. arp is covered in this chapter, and is used in an example in Chapter 2, Delivering the Data. arp is delivered as part of UNIX.
Provides a variety of information. It is commonly used to display detailed statistics about each network interface, network sockets, and the network routing table. netstat is used repeatedly in this book, most extensively in Chapters 2, 6, and 7. netstat is delivered as part of UNIX.
Indicates whether a remote host can be reached. ping also displays statistics about packet loss and delivery time. ping is discussed in Chapter 1, Overview of TCP/IP and used in Chapter 7. ping also comes as part of UNIX.
Provides information about the DNS name service. nslookup is covered in detail in Chapter 8, Configuring DNS Name Service . It comes as part of the BIND software package.
Also provides information about name service, and is similar to nslookup.
Provides information about the contents of the RIP update packets being sent or received by your system. It is provided as part of the gated software package, but it does not require that you run gated. It will work with any system running RIP.
Prints information about each routing hop that packets take going from your system to a remote system.
Analyzes the individual packets exchanged between hosts on a network. snoop is a TCP/IP protocol analyzer that examines the contents of packets, including their headers. It is most useful for analyzing protocol problems. tcpdump is a tool similar to snoop that is available via anonymous FTP from the Internet.
This chapter discusses each of these tools, even those covered earlier in the text. We start with ping, which is used in more troubleshooting situations than any other diagnostic tool.
|  | |
| 11.1 Approaching a Problem |  | 11.3 Testing Basic Connectivity |