Module 12: Network Troubleshooting Flashcards
What are the four common types of network documentation?
- Physical topology
- Logical topology
- Network device documentation
- Network performance baseline documentation
What information is typically included in a physical topology diagram?
- Device name
- Device location (address, room number, rack location, etc.)
- Interface and ports used
- Cable type
What information might be documented for a router in network device documentation?
- Interface
- IPv4 address
- IPv6 address
- MAC address
- Routing protocol
What information might be documented for a switch in network device documentation?
- Ports enabled
- Access
- VLAN
- Trunk
- Link Aggregation (EtherChannel/LACP)
- Native VLAN
- Enabled status
What information might be documented for end-systems in network device documentation?
- Device name
- Operating system
- Services
- MAC address
- Static IPv4 and IPv6 addresses
- Default gateway
- DNS servers
What key questions should a network baseline answer?
- How does the network perform during a normal day?
- Where are the most errors occurring?
- What part of the network is most heavily used?
- What part of the network is least used?
- Which devices should be monitored, and what alert thresholds should be set?
- Can the network meet the identified policies?
What factors should be considered when conducting an initial network baseline?
Select key variables such as interface and CPU utilisation, and collect data for a long enough period to determine a “normal” network behaviour.
How can a logical network topology diagram assist with network monitoring?
It helps identify key devices and ports that should be monitored for performance and security
What commands can be used to gather information directly from routers and switches?
show, ping, traceroute, telnet/SSH and CDP/LLDP commands
What are the seven steps of the troubleshooting process?
- Define the problem
- Gather information
- Analyze information
- Eliminate possible causes
- Propose a hypothesis
- Test the hypothesis
- Solve the problem
What types of questions should be asked when gathering information from end users about network problems?
Both open-ended and closed-ended questions.
What commands can be used to gather information from network devices?
show, ping, traceroute, and telnet
What troubleshooting approaches use the OSI or TCP/IP layered models?
Bottom-up, top-down, and divide-and-conquer troubleshooting.
What are other troubleshooting methods besides the layered approach?
Follow-the-path, substitution, comparison, and educated guess.
Which troubleshooting approach is commonly used for software-related problems?
Top-down troubleshooting.
Which troubleshooting approach is commonly used for hardware-related problems?
Bottom-up troubleshooting.
What troubleshooting approach is often used by experienced technicians for new or unknown problems?
Divide-and-conquer troubleshooting.
What are common software troubleshooting tools?
NMS tools, knowledge bases, and baselining tools.
What is the function of a protocol analyzer such as Wireshark?
It decodes the various protocol layers in a recorded frame and presents the information in an easy-to-use format.
What are common hardware troubleshooting tools?
Digital multimeters, cable testers, cable analyzers, portable network analyzers, and Cisco Prime NAM.
How can a syslog server be used for troubleshooting?
It collects and stores event messages from network devices, allowing administrators to track configuration changes, ACL violations, interface status, and other critical events.
Where can Cisco devices send log messages?
Console, terminal lines, buffered logging, SNMP traps, and syslog servers.
How does syslog severity level numbering work?
The lower the level number, the higher the severity of the message.
What does the logging trap level command do?
It limits messages logged to the syslog server based on severity, only logging messages equal to or numerically lower than the specified level.
What are common symptoms of physical layer problems?
Performance lower than baseline, loss of connectivity, congestion, high CPU utilisation, and console error messages.
What are common causes of physical layer problems?
Power-related issues, hardware faults, cabling faults, attenuation, noise, interface configuration errors, exceeding component design limits, and CPU overload.
What are common symptoms of data link layer problems?
No functionality/connectivity at Layer 2 or above, network operating below baseline levels, excessive broadcasts, and console messages.
What are common causes of data link layer problems?
Encapsulation errors, address mapping errors, framing errors, and Spanning Tree Protocol (STP) failures or loops.
What are common symptoms of network layer problems?
Network failure and suboptimal performance.
What are common causes of network layer problems?
General network issues, connectivity issues, routing table problems, neighbour issues, and topology database inconsistencies.
What are common symptoms of transport layer problems?
Connectivity and access issues.
What are common causes of transport layer problems?
Misconfigured NAT or ACLs, incorrect traffic flow selection, improper order of ACL entries, implicit deny any, incorrect addresses and IPv4 wildcard masks, misconfigured transport layer protocol selection, source and destination port issues, misuse of the established keyword, and uncommon protocols.
What are common issues with NAT that affect network performance?
Misconfigured NAT inside or NAT outside, ACL misconfigurations, and interoperability issues with BOOTP, DHCP, DNS, SNMP, tunneling, and encryption protocols.
What are common symptoms of application layer problems?
Unreachable or unusable resources, full network connectivity with non-functioning applications, and data transfer or service requests not meeting user expectations.
What is Step 1 of the troubleshooting process for IP connectivity?
Verify the physical layer
What commands can be used to check the physical layer on a Cisco device?
show processes cpushow memoryshow interfaces
What is Step 2 of the troubleshooting process for IP connectivity?
Check for duplex mismatches
What command can be used to diagnose duplex mismatches on an interface?
show interfaces interface
What is Step 3 of the troubleshooting process for IP connectivity?
Verify addressing on the local network
What command displays the ARP cache on a Windows system?
arp
What command displays the IPv4 neighbor table on a Cisco IOS router?
show ip neighbors
What IOS command displays the MAC address table on a switch?
show mac address-table
What is Step 4 of the troubleshooting process for IP connectivity?
Verify the default gateway
What command verifies the default gateway on a Cisco router?
show ip route
What command verifies the presence of an IPv4 default gateway on a Windows host?
route print
In what 3 ways can IPv6 default gateway be configured?
- Manually
- SLAAC
- DHCPv6
What command enables a router as an IPv6 router?
`ipv6 unicast-routing
What command checks for the IPv6 default route on a router?
show ipv6 route
What is Step 5 of the troubleshooting process for IP connectivity?
Verify the correct path
What command can be used to verify the IPv4 routing table for a specific gateway?
show ip route | begin Gateway
What is Step 6 of the troubleshooting process for IP connectivity?
Verify the transport layer
What are two common transport layer issues that affect connectivity?
- ACL configurations
- NAT configurations
What utility is commonly used to test transport layer functionality?
telnet
What is Step 7 of the troubleshooting process for IP connectivity?
Verify ACLs
What command displays all IPv4 ACLs configured on a router?
show ip access-lists
What command displays all IPv6 ACLs configured on a router?
show ipv6 access-list
What command verifies which interface has an ACL applied?
show ip interfaces
What is Step 8 of the troubleshooting process for IP connectivity?
Verify DNS
What command displays DNS configuration information on a switch or router?
show running-config
What command manually maps a hostname to an IPv4 address on a switch or router?
ip host
Which statement describes the physical topology for a LAN?
It defines how hosts and network devices connect to the LAN.
A network engineer is troubleshooting a network problem where users cannot access the FTP server at the same IP address where a website can be successfully accessed. Which troubleshooting method would be the best to apply in this case?
Top-down
A computer technician performed a number of actions to correct a problem. Some actions did not solve the problem, but eventually a solution was found. What should be documented?
Everything that was done to try to solve the problem
A network engineer is troubleshooting a network problem and can successfully ping between two devices. However, Telnet between the same two devices does not work. Which OSI layers should the administrator investigate next?
From the network layer to the application layer
While designing changes to a data center because of a new IoE implementation, a network administrator has the job of diagramming the new physical topology of the area. What should be included in the physical topology diagram?
Cable locations and lengths between servers and switches
A network technician is troubleshooting an email connection problem. Which question to the end-user will provide clear information to better define the problem?
When did you first notice your email problem?
Which troubleshooting tool can be used to pinpoint the distance to a break in a network cable?
Cable tester
Which troubleshooting software is an example of a network management system tool?
WhatsUp Gold
What is the purpose of establishing a network baseline?
To help monitor and troubleshoot network performance
After which step in the network troubleshooting process would one of the layered troubleshooting methods be used?
Gathering symptoms from suspect devices
A company is setting up a web site with SSL technology to protect the authentication credentials required to access the web site. A network engineer needs to verify that the setup is correct and that the authentication is indeed encrypted. Which tool should be used?
Protocol analyzer
When should a network performance baseline be measured?
During normal work hours of an organization
A networked PC is having trouble accessing the Internet, but can print to a local printer and ping other computers in the area. Other computers on the same network are not having any issues. What is the problem?
The PC has a missing or incorrect default gateway.
A technician installed a network adapter in a computer and wants to test network connectivity. The ping command can receive responses from workstations on the same subnet but not from remote workstations. What could be causing the problem?
The default gateway is incorrect.
What network troubleshooting capability is provided by a cable analyzer?
Testing and certifying of copper and fiber cables
A computer can access devices on the same network but cannot access devices on other networks. What is the probable cause of this problem?
The computer has an invalid default gateway address.
