Troubleshooting Techniques | Cisco IP Routing Protocols: Trouble Shooting Techniques (Charles River Media Networking/Security)

TCP/IP networks, like OSI networks, require systematic troubleshooting techniques to be applied to identify and rectify network problems. A systematic treatment ensures that problems are timely detected and resolved, and the network is up and working. Network problems can range from simple connectivity problems between two hosts to incorrectly configured routers within a network.

To solve a specific network problem that is hampering functioning of the network, apply the problem-resolution model developed by Cisco. This model provides a systematic approach toward detecting the problem, identifying probable causes of the problem, selecting a probable solution to the problem, and finally, isolating the problem to solve it.

Problem Isolation in TCP/IP Networks

Problem isolation is a continuous phase of the process of identifying and solving a problem in TCP/IP networks.

Consider a scenario in which the local host is unable to access the remote host connected within a TCP/IP network. There can be several reasons, such as an incorrect address, subnet mask, or incorrect value specified in the default gateway entry of the local host. In addition, there can be connectivity problems between a specific local host and the remote host.

To isolate the actual problem of this scenario, follow a systematic path, as shown in Figure 5.2.

click to expand
Figure 5.2: Problem isolation for a network problem.

Figure 5.2 displays specific steps to identify the cause of the connectivity problem between the local host and the remote host. These steps can be performed in a sequence to isolate the problem between the local host and the remote host, as listed here:

Check the configuration of the local host and check for any incorrectly specified IP address, subnet mask address, and the default gateway. Specify correct values for an incorrectly specified address.
Check the connectivity between the local host and the router nearest to the local host. For this, use the ping and trace commands to test the connectivity. Use the ping command to test the connectivity to the nearest router and subsequently test the connectivity to the next routers. In addition, use the IP addresses to detect any problems with the DNS server.
Use the show command to determine the router configuration and its state if the router does not respond to the ping command.
Check the routing table by using the show ip route command.
Check the router’s fast-switching cache by using the show ip cache command.
After checking the state and configuration of the routers, check the configuration of the remote host. For the remote host, check the correct values of IP address, subnet mask address, and default gateway address.

The execution of these steps is explained with this example.

Define Solutions, a U.S.-based company, deals with the manufacturing and marketing of computer hardware, such as monitors, peripherals, and CPUs. The headquarters of Define Solutions is located in Denver, where it coordinates with its suppliers across the world.

Define Solutions has a TCP/IP-based network, which is divided into two subnets, subnet 1 and subnet 2. The network architecture of Define Solutions is shown in Figure 5.3.

click to expand
Figure 5.3: The TCP/IP network diagram of Define Solutions.

In Figure 5.3, hosts A, B, and C are connected to subnet 1, and host X is connected to subnet 2. Host X has been recently added to the network, and the network administrator has incorrectly configured its subnet mask. The subnet mask of host B is also incorrectly configured. As a result, some hosts can access host X, but others cannot.

Such connectivity problems are common in TCP/IP-based networks. These errors occur due to several reasons, such as an incorrectly configured default gateway address or subnet mask address. For example, connectivity between host B and host X exists, but host A cannot connect to host X. This is because host X has an incorrectly configured subnet mask address.

TCP/IP Problems and Symptoms

Now that you have learned the diagnostic commands used for troubleshooting TCP/IP network problems, let us discuss various connectivity related problems that are encountered in TCP/IP networks. Consider a scenario in a TCP/IP network in which hosts A and B are able to access host X, but hosts D and E cannot connect to host X. There can be several reasons for this problem, such as an incorrectly configured access list.

Table 5.3 displays various problems and their probable symptoms that can create connectivity problems in TCP/IP-based networks.

Based on the symptoms of the problems discussed in Table 5.3, specific action plans are devised and implemented to counter them.

Based on the symptoms listed in Table 5.3, problems of the TCP/IP-based networks are identified and isolated. After the problem is isolated, network administrators devise an action plan, which is implemented to resolve the isolated problem.

Table 5.3 : TCP/IP Problems and Symptoms
Problem	Symptom
Host cannot access other networks through the router.	Misconfigured access list. Default gateway not specified on the local host. Discontiguous network due to link failure or poor design.
Host cannot access offnet hosts through the router.	Misconfigured subnet mask on the local host. Router between the connecting hosts is nonfunctional. Default gateway not specified on the local host.
Some network services are available while some network services are not accessible.	Extended access list is incorrectly configured.
Router receives duplicate routing updates and packets.	Bridge or repeater is working in parallel with the router.
Some protocols are being routed while some protocols are not being routed.	The access list is incorrectly configured.
Router becomes nonfunctional when redistribution is used.	Problem with the default administrative distance. Missing redistribute or default-metric command.
Router as well as the host cannot connect to certain parts of the network.	Mismatch between the subnet mask configuration between the host and the router. Default gateway is not specified. Access list is incorrectly configured.
Users can access some hosts in a network but cannot access other hosts.	Default gateway is not specified on the remote hosts. The access list is incorrectly configured. Subnet mask or the address on the host or the router is incorrectly configured.
Users cannot connect to the network when one redundant path is nonfunctional.	The routing process has not converged. The access list or the routing filters are incorrectly configured. Discontiguous network due to link failure.

Table 5.4 displays the various problems you might encounter in a TCP/IP-based network and suggests possible action plans.

Note

Sometimes, the network problems can be temporary and arise due to slow router convergence. This happens because some of the routing protocols may take a long time to converge, which results in network problems. For example, RIP takes a longer time to converge than IGRP.

Table 5.4 : TCP/IP Problems and Action Plans
Problem	Action Plan
Incorrectly configured access list or filters.	Use the ping or trace command to isolate the router with a misconfigured access list. Use the show IP route command to check the routing table. Check for protocol exchanges by using commands, such as debug ip rip. Disable the access list temporarily, by using the no ip access-group command. Debug access lists.
Router between the connecting hosts is nonfunctional or down.	Use the ping command to identify and isolate the problem area in the entire network. This application of the ping command is called pinging outward. Check for incorrect router configurations and correct them. Check for intermediate LAN or WAN problems.
Default gateway is not specified on the local or remote host.	Check the routing table of the host by using the netstat –rn command. If no default gateway is specified, use the route add default address 1 command. In this command, address 1 is the IP address of the default gateway. If the default gateway is already specified, boot with the default gateway, specify the IP address of the default gateway in the host at the location, files/etc/defaultrouter.
The subnet mask is incorrectly configured on the local host, remote host, or the router.	Check the hosts files, files/etc/netmasks and /etc/re.local. Check the configuration of the router using the show ip interface command. Check the configuration of the host using the ifconfig –a command.
Discontiguous network due to poor design or link failure.	Check the routes by using the show ip route command. Use the ping or trace command to determine where the network traffic gets congested or stopped. Assign a secondary address if a backup path is available. Fix the nonfunctional link in the network. Redo the topology or reassign the addresses.
Router has not converged.	Check the problem using the show ip route command.

Another major problem with TCP/IP networks is that the router starts receiving duplicate routing updates on different interfaces, which results in loss of connectivity and poor network performance. This happens because a bridge or a repeater may have been placed parallel to the router, which enables the router to view other routers on multiple interfaces. To counter such problems, use the show ip route command to identify routes for each interface. In addition, you can use the debug ip command to examine the routing updates received by the router.

You may also encounter problems while redistributing routes in TCP/IP networks. When routes are redistributed from a routing protocol in a domain to a routing protocol being used in another domain, translation problems may hamper connectivity. These translation problems occur because metrics of a protocol may not get translated into metrics of another protocol. This can lead to unsecured exchange of dynamic routing information between different routing protocols, such as RIP and IGRP. Such unsecured exchange of routing information may create routing loops, which can degrade network performance and operations. To counter such problems, use the default-metric or the redistribute protocol metric command.

Pinging Loopback and Local IP Addresses

To check if the TCP/IP network is working properly, execute the loopback ping command.

At the prompt of your computer, specify:

C:\ping TCP/IP ip address

An error generated by this command indicates that TCP/IP is not properly installed. However, if this ping command is successfully executed, test the functioning of your host computer by using the local IP address with the ping command. To test the local IP address, type this command at the prompt:

C:\ping local IP address

If this command displays an error, it indicates a problem with the network adapter.

Pinging the Router

Use the ping command to test the connectivity between your computer and the router. For testing the connectivity between the router and the host computer, use the console connection or Telnet to access the IP interface of the router.

Pinging DNS, Default Gateway, and WINS Servers

Use the ping command to test the connectivity with the DNS server and the WINS server. In addition, use the ping command to check the connectivity of your computer with the default gateway of your network.

To test the connectivity of your host with the DNS server, use the IP address of the DNS server with the ping command, as shown here:

Ping <IP address of the DNS Server>

Note

You can get the IP address of the DNS server by using the ipconfig command. After executing the ipconfig command, view the IP addresses of the default gateway and the WINS server.

Use the ping command to test the connectivity of the host with the default gateway of the host and the WINS server. For this, use the IP addresses of the default gateway and the WINS server with the ping command. If the ping command is not executed successfully, check the IP address specified for the default gateway and the WINS server.

Note

The WINS server is used for NetBIOS name resolution.

Pinging a Remote IP Address

Use the ping command to test the connectivity between the local host and a remote host. For this, specify the IP address of the remote host with the ping command. If the ping command displays an error message, it implies that either the subnet mask address of the remote host is incorrectly specified or the IP address of the remote address is incorrect.

Using the Tracert Tool

Use the Tracert tool to trace a TCP/IP packet crossing its way to the destination. The syntax of the Tracert tool is:

Tracert [-d] [-h maximum hops] [-j host-lists]          [-w timeout] target-name

in which:

-d: Indicates not to resolve the addresses to the hostnames.

-h: Specifies the maximum number of hops that need to be taken to search for the target host.

-j: Specifies a loose source route along the host list.

-w: Specifies the number of milliseconds to wait before the next reply.

Target-name: Specifies the IP address of the target host.