Troubleshooting TCPIP Addressing Problems


Troubleshooting TCP/IP Addressing Problems

Even in the best planned and implemented networks, problems arise from time to time. Some problems can be traced back to users making unauthorized changes to client computer settings, and others may be due to network connectivity problems such as downed or saturated links. Whatever the case may be, you need to quickly identify and correct problems related to TCP/IP addressing if network communications are to occur smoothly on your network.

In your troubleshooting efforts, you can make use of several tools that are built into Windows Server 2003. These tools include the venerable ping command, which has been around as long as TCP/IP (well, almost as long) and some newer tools, such as the pathping command and the Network Diagnostics tool that can be run within the Windows graphical user interface (GUI). Of course, there are many useful third-party tools and applications available, but you do not need to worry about them for the exam.

Troubleshooting APIPA

Objective:

Troubleshoot TCP/IP addressing.

  • Diagnose and resolve issues related to Automatic Private IP Addressing (APIPA).

APIPA is a double-edged sword when it comes to TCP/IP configuration. Introduced in Windows 98, APIPA allows a DHCP-configured computer to automatically assume (or take on) an IP address from the range 169.254.0.1-169.254.255.254 with a subnet mask of 255.255.0.0 when a DHCP server cannot be contacted. IP addresses in this range are sometimes referred to as 169.254.x.y.

So far, it sounds like APIPA is the best thing to come along in the networking world since TCP/IP itselfso why did we call it a double-edged sword? Although APIPA does provide a client with an IP address if a DHCP server cannot be contacted, the only guarantee that is made is that the IP address the client assumes will not belong to any other computer on its IP subnet. Past that, all bets are off. APIPA does not provide any other information to the computer beyond the IP address and subnet mask. This means that computers possessing APIPA IP addresses will not be able to communicate with other computers working with correctly assigned IP addresses and subnet masks. In addition, APIPA computers receive no default gateway and thus are unable to communicate outside their IP subnet.

If one computer cannot communicate with the rest of the network, you can start your troubleshooting search with APIPA. By issuing the ipconfig/all command, you will quickly determine the status of the computer's network adapter. Figure 1.12 shows the output you can expect to see when a DHCP-enabled computer cannot locate a DHCP server.

Figure 1.12. Network adapters with APIPA IP addresses display the IP address 169.254.x.y


As usual, identifying a problem is only half the battle. The other half is correcting it. Should you have a computer with an APIPA IP address that is having trouble communicating, you need to determine exactly why that computer is not able to communicate with the DHCP server. The possibilities are virtually endless and range from a disconnected network cable to network traffic problems to incorrect TCP/IP configurations.

Client computers who have an APIPA IP address will not be able to connect to any network resources, will not be able to properly process a user logon (although the client computer may be able to perform a logon using cached credentials if Group Policy allows it), and generally will cause a call to the Help Desk. The next section describes how to troubleshoot and diagnose some of these problems.

Troubleshooting Incorrect TCP/IP Configurations

Objective:

Troubleshoot TCP/IP addressing.

  • Diagnose and resolve issues related to incorrect TCP/IP configuration.

Having incorrectly configured TCP/IP settings is a problem that you should strive to avoid if at all possible. The best way to avoid having TCP/IP configuration problems is to implement and use DHCP on a network to handle the assignment of IP addresses and other network information. DHCP is discussed in Chapter 2.

If you cannot use DHCP or still have TCP/IP configuration problems, even with DHCP on the network, you can use the tools that Windows Server 2003 provides to determine where the problem lies. Three of these toolsping, ipconfig, and the Network Diagnostics toolare discussed in the following sections.

Exam Alert: Know Your Tools

You'll want to have a good understanding of the tools used in basic TCP/IP troubleshooting on test day. This knowledge will also carry over into your daily routine as a system administrator.


ping

The ping command is practically as old as TCP/IP networking itself. You can use the ping command to test basic network connectivity between two computers over local and remote networks. The basic syntax of the ping command is ping computerIP. This command causes Windows to send to the remote computer four special ICMP packets, which will then be returned to the local computer. Figure 1.13 shows the output of a simple ping command against an internal network server.

Figure 1.13. You can use the ping command to verify that basic connectivity exists between two computers.


The following is the full syntax of the ping command:

ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [{-j HostList | -k HostList}] [-w timeout]


The switches used with the ping command are described in Table 1.8.

Table 1.8. The ping Command Switches

Switch

Description

-t

Specifies that the ping command should continue sending echo request (ICMP) messages until manually interrupted. This is useful for establishing and monitoring a constant connection between two hosts.

-a

Specifies that reverse name resolution is to be performed on the destination IP address. (Name resolution is discussed in Chapter 3.)

-n count

Specifies how many echo request messages are to be sent to the destination computer. The default is 4.

-l size

Specifies the length of the data field on the echo request, up to a maximum of 65,527 bytes. The default is 32 bytes.

-f

Specifies that the echo request messages shall not be fragmented by routers along their path. This setting can be used to troubleshoot maximum transmission unit (MTU)-related problems.

-i TTL

Specifies the value of the Time to Live (TTL) field in the IP header for echo request messages sent. The default is the default TTL value for the host. The maximum TTL is 255.

-v TOS

Specifies the value for the Type of Service (TOS) field in the echo request. The default value is 0, and valid values range from 0 to 255.

-r count

Specifies that the Record Route option in the IP header is used to record the path taken by the echo request message and corresponding echo reply message. The count must between 1 and 9.

-s count

Specifies that the Internet Timestamp option in the IP header is used to record the time of arrival for the echo request message and corresponding echo reply message for each hop. The count must be between 1 and 4.

-j HostList

Specifies that the echo request messages use the Loose Source Route option in the IP header with the set of intermediate destinations specified in HostList. When you're using loose source routing, successive intermediate destinations can be separated by one or multiple routers. You can enter a maximum of nine addresses or hostnames in HostList.

-k HostList

Specifies that the echo request messages use the Strict Source Route option in the IP header with the set of intermediate destinations specified in HostList. When you're using strict source routing, the next intermediate destination must be directly reachable. You can enter a maximum of nine addresses or hostnames in HostList.

-w timeout

Specifies the amount of time, in milliseconds, to wait for the echo reply message to be received. The default timeout is 4000 milliseconds (4 seconds).


Note: The Story of ping

If you want to read about the history of the ping command and learn some other interesting ping-related trivia, be sure to visit the page of the late Mike Muuss, creator of the ping application. You can find it at http://ftp.arl.mil/~mike/ping.html.


Although the ping command has many options available, you will most often find yourself using it as demonstrated previously, perhaps by appending the -t and/or -a switches to it. This provides a constant, verifiable connection and name resolution for your troubleshooting efforts.

ipconfig

You can use the ipconfig command to quickly determine what settings have been configured for the network adapters in computers. In addition, you can use this command to release and renew DHCP-assigned IP addresses and flush the local DNS cache. Figure 1.14 shows the output of the ipconfig/all command on a healthy adapterthat is, one that has no network connectivity problems.

Figure 1.14. You can use the ipconfig command to verify the configuration status of a network adapter.


The following is the full syntax of the ipconfig command:

ipconfig [/all] [/renew adapter] [/release adapter] [/flushdns] [/displaydns] [/registerdns] [/showclassid adapter] [/setclassid adapter ClassID]


The switches for the ipconfig command are described in Table 1.9.

Table 1.9. The ipconfig Command Switches

Switch

Description

/all

Specifies that the full TCP/IP configuration is to be displayed for all installed network adapters.

/renew adapter

Specifies that the DHCP configuration for the specified adapter (or all adapters, if none is specified) is to be renewed.

/release adapter

Specifies that the DHCP configuration for the specified adapter (or all adapters, if none is specified) is to be released by sending a DHCPRELEASE message to the DHCP server.

/flushdns

Specifies that the contents of the local DNS resolver cache are to be flushed. This is useful in times of DNS-related troubleshooting.

/displaydns

Specifies that the contents of the local DNS resolver cache are to be displayed onscreen.

/registerdns

Specifies that a manual dynamic registration for the DNS name and IP address assigned to the computer is to be performed. This is most useful when you're troubleshooting DNS-related issues.

/showclassid adapter

Specifies that the DHCP class ID for the specified adapter is to be displayed. This is useful when you're troubleshooting DHCP options that are assigned by class ID.

/setclassid adapter ClassID

Specifies that the DHCP class ID for the specified adapter is as provided in the ClassID space. This removes the currently assigned class ID if no value is specified.


You will most often find yourself using the /all, /renew, /release, and /flushdns switches in troubleshooting TCP/IP.

The Network Diagnostics Tool

In an effort to continuously improve the tools available to you and make your job a bit easier, the Network Diagnostics tool is available in Windows XP and Windows Server 2003. You can use this tool to perform many of the same tests shown in the preceding section, plus many more, all from within the Windows GUI. As an example, the Network Diagnostics utility can ping SMTP and POP3 gateways, if it is configured to do so. All output is clearly and concisely provided and can be saved to an HTML file if desired.

The easiest way to find the Network Diagnostics tool is to select Start, Help and Support. Then you click Use Tools to view your computer information and diagnose problems. From the list on the left side that then appears, you click the Network Diagnostics link. To configure how the scan will be performed, you can click the Set Scanning Options link. Figure 1.15 shows the options that you can configure to control how the scan is performed.

Figure 1.15. You can configure a wide array of options to be examined by the Network Diagnostics tool.


When you are ready to perform the scan, click the Scan Your System link. The results of a typical scan are shown in Figure 1.16.

Figure 1.16. You can use the Network Diagnostics tool to easily generate a graphical display of TCP/IP network configuration problems.


You can configure the Network Diagnostics tool to examine as much or as little of a TCP/IP configuration as you like. It runs fairly quickly and, as mentioned previously, provides the ability to save the output to HTML files for later viewing.

netsh

The netsh command is an advanced configuration and troubleshooting command that provides that ability to manage almost any networking-related component on your Windows Server 2003 computer, but it does require you to have knowledge of the task you're trying to achieve. The netsh command can be used interactively or via scripting to manage networking-related configurations such as those for the Windows Firewall, DHCP, WINS, TCP/IP configuration and IP Security (IPSec) settings, as well as many other tasks.

Unlike the relatively easy to understand and use ping or ipconfig commands we examined earlier, netsh can seem significantly more complex to use due to its context-based operation. In other words, you don't simply append switches to the netsh command as you've seen previously with ping or ipconfig; instead, you first must set the context in which netsh operates. For instance, you would use interface context to manage network adapters or firewall context to manage the Windows Firewall.

Figure 1.17 demonstrates the context-based approach; that is, we've set the context to mange the TCP/IP properties of the network adapters in a Windows Server 2003 computer. In this case, as shown in the figure, we've simply opted to display the basic configuration of the network adapter.

Figure 1.17. The netsh command can be used to manage almost any networking related setting.


As we mentioned at the start of this section, the netsh command has been enhanced in Windows Server 2003 to provide you a means to reset the TCP/IP stack back to its default values should the need arise. This replaces the ability in previous versions of Windows to remove and reinstall TCP/IP for troubleshooting. This advanced troubleshooting and repair action of netsh is also accessed from the netsh interface ip context you saw previously in Figure 1.17 and is shown as an available command in Figure 1.18.

Figure 1.18. netsh allows you to reset the TCP/IP stack to its defaults for advanced network troubleshooting in Windows Server 2003.





MCSA(s)MCSE 70-291(c) Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
MCSA/MCSE 70-291: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure (Exam Prep)
ISBN: 0789736497
EAN: 2147483647
Year: 2006
Pages: 196
Authors: Will Schmied

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net