Chapter 4. Troubleshooting Methodology


It's important to use a systematic approach to solving firewall problems, much in the same manner that a systematic approach to risk management or network engineering is helpful when building a firewall. When troubleshooting, this is especially important in dealing with the increasingly complex world of networking and computing technologies we are required to support today. If you don't rely on a logical method of isolating root causes and eliminating variables, you can find yourself wasting significant amounts of time repeating the same steps in your effort to resolve a troublesome issue, or you might even make the problem worse. The issue is further exacerbated by the increased dependency on networks over the years to perform critical tasks, which has increased the need to resolve problems with those networks quickly. Down time is tolerated less and less, and firewalls tend to be choke points and single points of failure in many networks. Firewall outages tend to have significant effects on an organization's operations.

In the heat of the moment and under pressure to make things happen quickly, it's very easy to make matters worse. Having a good problem-solving process can help you to "take a breath" and pull yourself out of the emotions of the moment to think about the problem more rationally. Problem-solving methodologies are also used in other fields, such as in emergency medicine and military combat operations, so you can see that its use is not merely an academic approach useful for paper only; it's useful in some truly high stress fields when seconds really do count. If it works for them, it can work for you!

As we begin, we would like to point out that we did not create the problem-solving process we present in this book. Instead, we have adapted problem-solving methods that we were exposed to in the past, such as Cisco System's troubleshooting methodology, the U.S. Army's Problem Solving Methodology from FM 22-100, and others.

In our experience, when you become accustomed to using the process, you will forget that you are even doing it, but it takes practice. The best time to use it is when the chips are down and you are up against a tight deadline. There is a saying in the military, "Train as you will fight because you will fight as you trained." The point of this phrase is that you don't want to do things differently when you are learning as opposed to when you are doing it for real. When the pressure is on, it's typical to fall back on your training, so push yourself to be actively methodical and systematic in your approach. If you do, you will operate that way instinctively and won't have to think about it in the pressure of the moment. In short, it will come naturally to you.

Even if you don't make this approach a regular part of your troubleshooting, we have found this approach to be extremely helpful when working on particularly troublesome issues when you do have more time. And lastly, if you are pressed for time, always check the documentation for your products first because your problem may be a common one, and the solution might be simply documented therein. To that end, we have included some of the more commonly reported problems users have encountered with Linux firewalls in Section 3 of this book, which we hope will directly cover a problem you are encountering.

For all those other cases where the solution is either not well documented, not clear what the problem is, or simply doesn't work, it is helpful to use the methodical approach we outline here to troubleshoot your problem.



    Troubleshooting Linux Firewalls
    Troubleshooting Linux Firewalls
    ISBN: 321227239
    EAN: N/A
    Year: 2004
    Pages: 169

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net