Network Service Troubleshooting Flashcards

1
Q

Names not resolving

A
  • Web browsing doesn’t work
    • The Internet is broken!
  • Pinging the IP address works
    • There isn’t a communication problem
  • Applications aren’t communicating
    • They often use names and not IP addresses
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Troubleshooting DNS issues

A
  • Check your IP configuration
    • Is the DNS IP address correct?

• Use nslookup or dig to test - Does resolution work?

• Try a different DNS server - Google is 8.8.8.8 &
8.8.4.4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

IP configuration issues

A
  • Communicate to local IP addresses
    • But not outside subnets
  • No IP communication - Local or remote
    • Communicate to some IP addresses - But not others
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Troubleshooting IP configurations

A
  • Check your documentation
    • IP address, subnet mask, gateway
  • Monitor the traffic
    • Examine local broadcasts
    • Difficult to determine subnet mask
  • Check devices around you
    • Confirm your subnet mask and gateway
  • Traceroute and ping
    • The issue might be your infrastructure
    • Ping local IP, default gateway, and outside address
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Duplicate IP addresses

A

• Static address assignments - Must be very organized

  • DHCP isn’t a panacea
    • Static IP addressing
    • Multiple DHCP servers overlap
    • Rogue DHCP servers
  • Intermittent connectivity
    • Two addresses “fight” with each other

• Blocked by the OS - Checks when it starts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Troubleshooting duplicate IP addresses

A
  • Check your IP addressing - Did you misconfigure?
    • Ping an IP address before static addressing
    • Does it respond?
  • Determine the IP addresses
    • Ping the IP address, check your ARP table
    • Find the MAC address in your switch MAC table
  • Capture the DHCP process
    • What DHCP servers are responding?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Duplicate MAC addresses

A
  • Not a common occurrence
    • MAC addresses are designed to be unique
    • May be a man-in-the-middle attempt
  • Mistakes can happen
    • Locally administered MAC addresses
    • Manufacturing error

• Intermittent connectivity
• Confirm with a packet capture, should see ARP
contention

  • Use the ARP command from another computer
    • Confirm the MAC matches the IP
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Expired IP addresses

A

• A DHCP address should renew well before the lease
expires
• The DHCP server(s) could be down

  • Client gives up the IP address at the end of the lease
    • APIPA address is assigned
    • Checks in occasionally for a DHCP server
  • Look for an APIPA assigned address
    • 169.254..

• Check the status of your DHCP server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Rogue DHCP server

A
  • IP addresses assigned by a non-authorized server
    • There’s no inherent security in DHCP
  • Client is assigned an invalid or duplicate address
    • Intermittent connectivity, no connectivity
  • Disable rogue DHCP communication
    • Enable DHCP snooping on your switch
    • Authorized DHCP servers in Active Directory
  • Disable the rogue
    • Renew the IP leases
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Untrusted SSL certificate

A
  • Browsers trust signatures from certain CAs
    • A certificate was signed by a CA that’s not in our list
  • Error message on the browser
    • Certificate Authority Invalid
  • Check the certificate details
    • Look for the issuing CA
    • Compare to the CA list on your computer
  • If it’s an internal server, it may be internally signed
    • Add your internal CA certificate to the list
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Incorrect time

A

• Some cryptography is very time sensitive
• Active Directory requires clocks set within
five minutes of each other

• Kerberos communication uses a time stamp
• If the ticket shown during authentication is too old,
it’s invalid

  • Client can’t login
    • Check the timestamp of the client and the server
  • Configure NTP on all devices
    • Automate the clock setting
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Exhausted DHCP scope

A
  • Client received an APIPA address
    • Local subnet communication only
  • Check the DHCP server
    • Add more IP addresses if possible
  • IP address management (IPAM) may help
    • Monitor and report on IP address shortages
  • Lower the lease time
    • Especially if there are a lot of transient users
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Blocked TCP/UDP ports

A
  • Applications not working
    • Slowdowns with other applications
  • Firewall or ACL configuration
    • Security choke points
  • Confirm with a packet capture
    • No response to requests
  • Run a TCP- or UDP-based traceroute tool
    • See how far your packet can go
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Incorrect host-based firewall setting

A

• Applications not working
• Based on the application in use and not necessarily
the protocol and port

  • Check the host-based firewall settings
    • Accessibility may be limited to an administrator
    • Managed from a central console
  • Take a packet capture
    • The traffic may never make it to the network
    • Dropped by the operating system
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Incorrect ACL setting

A
  • Only certain IP addresses accessible
    • Or none
  • Access Control Lists
    • IP address, port numbers, and other parameters
    • Can allow or deny traffic by filtering packets

• Confirm with packet captures and TCP/UDP
traceroutes
• Identify the point of no return

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Unresponsive service

A
  • No response to an application request
    • No answer
  • Do you have the right port number?
    • And protocol (TCP/UDP)?
  • Confirm connectivity
    • Ping, traceroute
  • Is the application still working?
    • Telnet to the port number and see if it responds
17
Q

Hardware failure

A
  • No response
    • Application doesn’t respond
  • Confirm connectivity
    • Without a ping, you’re not going to connect
  • Run a traceroute
    • See if you’re being filtered
    • Should make it to the other side
  • Check the server
    • Lights? Fire?