Wired Network Troubleshooting

Question 1

Signal loss

Answer 1

• Usually gradual
• Signal strength diminishes over distance
• Attenuation
• Loss of intensity as signal moves through a medium
• Electrical signals through copper, light through fiber
• Radio waves through the air

Question 2

Decibels (dB)

Answer 2

• Signal strength ratio measurements
• One-tenth of a bel
• Capital B for Alexander Graham Bell
• Logarithmic scale
• Add and subtract losses and gains
• 3 dB = 2x the signal
• 10 dB = 10x the signal
• 20 dB = 100x the signal
• 30 db = 1000x the signal

Question 3

dB loss symptoms

Answer 3

• No connectivity
• No signal!
• Intermittent connectivity
• Just enough signal to sync the link
• Poor performance
• Signal too weak
• CRC errors, data corruption
• Test each connection
• Test distance and signal loss

Question 4

Latency

Answer 4

• A delay between the request and the response
• Waiting time
• Some latency is expected and normal
• Laws of physics apply
• Examine the response times at every step along the way
• This may require multiple measurement tools
• Packet captures can provide detailed analysis
• Microsecond granularity
• Get captures from both sides

Question 5

Jitter

Answer 5

• Most real-time media is sensitive to delay
• Data should arrive at regular intervals
• Voice communication, live video
• If you miss a packet, there’s no retransmission
• There’s no time to “rewind” your phone call
• Jitter is the time between frames
• Excessive jitter can cause you to miss information,
“choppy” voice calls

Question 6

Troubleshooting excessive jitter

Answer 6

• Confirm available bandwidth
• Nothing will work well if the tube is clogged
• Make sure the infrastructure is working as expected
• Check queues in your switches and routers
• No dropped frames
• Apply QoS (Quality of Service)
• Prioritize real-time communication services
• Switch, router, firewall, etc.

Question 7

Crosstalk (XT)

Answer 7

• Signal on one circuit affects another circuit
• In a bad way
• Leaking of signal
• You can sometimes “hear” the leak
• Measure XT with cable testers
• Some training may be required
• Near End Crosstalk (NEXT)
• Interference measured at the transmitting end
(the near end)
• Far End Crosstalk (FEXT)
• Interference measured away from the transmitter

Question 8

Troubleshooting crosstalk

Answer 8

• Almost always a wiring issue
• Check your crimp
• Maintain your twists
• The twist helps to avoid crosstalk
• Category 6A increases cable diameter
• Increased distance between pairs
• Test and certify your installation
• Solve problems before they are problems

Question 9

Avoiding EMI and interference

Answer 9

• Electromagnetic interference
• Cable handling
• No twisting - don’t pull or stretch
• Watch your bend radius
• Don’t use staples, watch your cable ties
• EMI and interference with copper cables
• Avoid power cords, fluorescent lights,
electrical systems, and fire prevention components
• Test after installation
• You can find most of your problems before use

Question 10

Opens and shorts

Answer 10

• A short circuit
• Two connections are touching
• Wires inside of a cable or connection
• An open circuit
• A break in the connection
• Complete interruption
• Can be intermittent

Question 11

Troubleshooting opens and shorts

Answer 11

• May be difficult to find
• The wire has to be moved just the right way
• Wiggle it here and there
• Replace the cable with the short or open
• Difficult or impossible to repair
• Advanced troubleshooting with a TDR
• Time Domain Reflectometer

Question 12

Troubleshooting pin-outs

Answer 12

• Cables can foul up a perfectly good plan
• Test your cables prior to implementation
• Many connectors look alike
• Do you have a good cable mapping device?
• Get a good cable person
• It’s an art

Question 13

T568A and T568B termination

Answer 13

• Pin assignments from EIA/TIA-568-B standard
• Eight conductor 100-ohm balanced twisted-pair cabling
• T568A and T568B are different pin assignments
for 8P8C connectors
• Assigns the T568A pin-out to horizontal cabling
• Many organizations traditionally use 568B
• Difficult to change in mid-stream
• You can’t terminate one side of the cable with
568A and the other with 568B
• It won’t be a straight-through cable

Question 14

Incorrect cable type

Answer 14

• Excessive physical errors, CRC errors
• Check your layer 1 first
• Check the outside of the cable
• Usually printed on the outside
• May also have length marks printed
• Confirm the cable specifications with a TDR
• Advanced cable tester can identify damaged cables

Question 15

Incorrect cable type

Troubleshooting interfaces

Answer 15

• Interface errors
• May indicate bad cable or hardware problem
• Verify configurations
• Speed, duplex, VLAN, etc.
• Verify two-way traffic
• End-to-end connectivity

Question 16

Transceiver mismatch

Answer 16

• Transceivers have to match the fiber
• Single mode transceiver connects to single mode
fiber
• Transceiver needs to match the wavelength
• 850nm, 1310nm, etc.
• Use the correct transceivers and optical fiber
• Check the entire link
• Signal loss
• Dropped frames, missing frames

Question 17

Reversing transmit and receive

Answer 17

• Wiring mistake
• Cable ends
• Punchdowns
• Easy to find with a wire map
• 1-3, 2-6, 3-1, 6-2
• Simple to identify
• Some network interfaces will
automatically correct (Auto-MDIX)

Question 18

TX/RX reversal troubleshooting

Answer 18

• No connectivity
• Auto-MDIX might connect
• Try turning it on
• Locate reversal location
• Often at a punchdown
• Check your patch panel

Question 19

Damaged cables

Answer 19

• Copper cables are pretty rugged
• But they aren’t indestructible
• Cables can be out in the open
• Stepped on, folded between a table and wall
• Check your physical layer
• Cables should not be bent or folded
• Check for any bent pins on the device
• It’s difficult to see inside of the cable
• Check your TDR, replace the cable (if possible)

Question 20

Bottlenecks

Answer 20

• There’s never just one performance metric
• A series of technologies working together
• I/O bus, CPU speed, storage access speed,
network throughput, etc.
• One of these can slow all of the others down
• You must monitor all of them to find the slowest one
• This may be more difficult than you might expect

Question 21

Interface configuration problems

Answer 21

• Poor throughput
• Very consistent, easily reproducible
• No connectivity
• No link light
• No connectivity
• Link light and activity light

Question 22

Interface configuration

Answer 22

• Auto vs. Manual configuration
• Personal preference
• Light status
• No light, no connection
• Speed
• Must be identical on both sides
• Duplex
• If mismatched, speed will suffer

Question 23

VLAN mismatch

Answer 23

• Switch is configured with the incorrect VLAN
• Configured per switch interface
• Link light, but no surfing
• A DHCP IP address may not be on the correct subnet
• Manually IP addressing won’t work at all
• Check the switch configuration for VLAN configuration
• Each port should have a VLAN setting
• VLAN 1 is usually the default

Question 24

Duplex/speed match

Answer 24

• Speed and duplex
• Speed: 10 / 100 /1,000 / Auto
• Duplex: Half / Full / Auto
• Incorrect speed
• Many switch configurations will auto-negotiate speed
• Less than expected throughput
• Incorrect duplex
• Again, the switch may auto-negotiate
• Needs to match on both sides
• A mismatch will cause significant slowdowns
• Increase in Late Collisions
may indicate a duplex mismatch

Question 25

Reflection

Answer 25

• Wireless signals can bounce off some surfaces
• Depends on the frequencies and the surfaces
• Too much reflection can weaken the signal
• A little multipath interference actually
helps with MIMO
• Position antennas to avoid excessive reflection
• May not be a problem for MIMO in 802.11n and 802.11ac

Question 26

Refraction

Answer 26

• Signal passes through an object and
exits at a different angle
• Similar to light through water
• Data rates are affected - Signal is less directional
• Outdoor long-distance wireless links
• Changes in air temperature and water vapor

Question 27

Absorption

Answer 27

• Signal passes through an object and loses signal strength
• Especially through walls and windows
• Different objects absorb differently as frequencies change
• 2.4 GHz may have less absorption than 5 GHz
• Put the antennas on the ceiling
• And avoid going through walls

Question 28

Latency and jitter

Answer 28

• Latency - Delays between transmission and reception
• Jitter - Deviation from a predictable data stream
• Wireless interference and signal issues
• Slower data rates
• Increase in retransmissions
• Capacity issues
• Many people using the same wireless frequencies

Question 29

Attenuation

Answer 29

• Wireless signals get weaker as you move farther from the
antenna
• The attenuation can be measured with a Wi-Fi analyzer
• Control the power output on the access point
• Not always an option
• Use a receive antenna with a higher gain
• Capture more of the signal
• Move closer to the antenna - May not be possible

Question 30

Interference

Answer 30

• Interference
• Something else is using our frequency
• Predictable
• Florescent lights, microwave ovens,
cordless telephones, high-power sources
• Unpredictable - Multi-tenant building
• Measurements
• netstat –e
• Performance Monitor

Question 31

Incorrect antenna type

Answer 31

• The antenna must fit the room
• Or the distance between sender and receiver
• Omnidirectional
• Useful on the ceiling
• Not very useful between buildings
• Directional
• Used often between two points
• Or on a wall-mounted access point
• The access point may provide options
• Connect different antennas

Question 32

Incorrect antenna placement

Answer 32

• Interference
• Overlapping channels
• Slow throughput
• Data fighting to be heard through the interference
• Check access point locations and channel settings
• A challenge for 2.4 GHz
• Much easier for 5 GHz

Question 33

Overcapacity

Answer 33

• Device saturation
• Too many devices on one wireless network
• There are only so many frequencies
• The 5 GHz can really help with this
• Bandwidth saturation
• Large data transfers
• Common in large meeting places
• Conferences
• Airports
• Hotels

Question 34

Frequency mismatch

Answer 34

• Devices have to match the access point
• 2.4 GHz, 5 GHz
• Verify the client is communicating
over the correct channel
• This is normally done automatically
• May not operate correctly if manually configured
• Older standards may slow down the newer network
• 802.11b compatibility mode on 802.11n networks
• Every access point has an SSID
• But did you connect to the right one?
• This can be more confusing than you might think
• Public Wi-Fi Internet
• Guest Internet
• Internet
• Confirm the correct SSID settings
• Should be listed in the current connection status

Question 35

Wrong passphrase

Answer 35

• Wireless authentication
• Many different methods
• Required to connect to the wireless network
• If not connected, check the authentication
• Shared passphrase
• Common in a SOHO, not in the enterprise
• 802.1X
• Used for the enterprise
• Make sure the client is configured to use 802.1X

Question 36

Security type mismatch

Answer 36

• Encryption on wireless is important
• Make sure the client matches the access point
• This is much easier these days
• Almost everything is at the level of WPA2
• Some legacy equipment may not be able to keep up
• If you change the access point, you may not
be able to support it
• Migrate all of your WEP to WPA2
• And any WPA

Question 37

Signal to noise ratio

Answer 37

• Signal
• What you want
• Noise
• What you don’t want
• Interference from other networks and devices
• You want a very large ratio
• The same amount of signal to noise (1:1) would be bad

Question 38

Names not resolving

Answer 38

• Web browsing doesn’t work
• The Internet is broken!
• Pinging the IP address works
• There isn’t a communication problem
• Applications aren’t communicating
• They often use names and not IP addresses

Question 39

Troubleshooting DNS issues

Answer 39

• Check your IP configuration
• Is the DNS IP address correct?
• Use nslookup or dig to test - Does resolution work?
• Try a different DNS server - Google is 8.8.8.8 & 8.8.4.4

Question 40

IP configuration issues

Answer 40

• Communicate to local IP addresses
• But not outside subnets
• No IP communication - Local or remote
• Communicate to some IP addresses - But not others

Question 41

Troubleshooting IP configurations

Answer 41

• Check your documentation
• IP address, subnet mask, gateway
• Monitor the traffic
• Examine local broadcasts
• Difficult to determine subnet mask
• Check devices around you
• Confirm your subnet mask and gateway
• Traceroute and ping
• The issue might be your infrastructure
• Ping local IP, default gateway, and outside address

Question 42

Duplicate IP addresses

Answer 42

• Static address assignments - Must be very organized
• DHCP isn’t a panacea
• Static IP addressing
• Multiple DHCP servers overlap
• Rogue DHCP servers
• Intermittent connectivity
• Two addresses “fight” with each other
• Blocked by the OS - Checks when it starts

Question 43

Troubleshooting duplicate IP addresses

Answer 43

• Check your IP addressing - Did you misconfigure?
• Ping an IP address before static addressing
• Does it respond?
• Determine the IP addresses
• Ping the IP address, check your ARP table
• Find the MAC address in your switch MAC table
• Capture the DHCP process
• What DHCP servers are responding?

Question 44

Duplicate MAC addresses

Answer 44

• Not a common occurrence
• MAC addresses are designed to be unique
• May be a man-in-the-middle attempt
• Mistakes can happen
• Locally administered MAC addresses
• Manufacturing error
• Intermittent connectivity
• Confirm with a packet capture,
should see ARP contention
• Use the ARP command from another computer
• Confirm the MAC matches the IP

Question 45

Expired IP addresses

Answer 45

• A DHCP address should renew well before the lease expires
• The DHCP server(s) could be down
• Client gives up the IP address at the end of the lease
• APIPA address is assigned
• Checks in occasionally for a DHCP server
• Look for an APIPA assigned address
• 169.254..
• Check the status of your DHCP server

Question 46

Rogue DHCP server

Answer 46

• IP addresses assigned by a non-authorized server
• There’s no inherent security in DHCP
• Client is assigned an invalid or duplicate address
• Intermittent connectivity, no connectivity
• Disable rogue DHCP communication
• Enable DHCP snooping on your switch
• Authorized DHCP servers in Active Directory
• Disable the rogue
• Renew the IP leases

Question 47

Untrusted SSL certificate

Answer 47

• Browsers trust signatures from certain CAs
• A certificate was signed by a CA that’s not in our list
• Error message on the browser
• Certificate Authority Invalid
• Check the certificate details
• Look for the issuing CA
• Compare to the CA list on your computer
• If it’s an internal server, it may be internally signed
• Add your internal CA certificate to the list

Question 48

Incorrect time

Answer 48

• Some cryptography is very time sensitive
• Active Directory requires clocks set within
five minutes of each other
• Kerberos communication uses a time stamp
• If the ticket shown during authentication
is too old, it’s invalid
• Client can’t login
• Check the timestamp of the client and the server
• Configure NTP on all devices
• Automate the clock setting

Question 49

Exhausted DHCP scope

Answer 49

• Client received an APIPA address
• Local subnet communication only
• Check the DHCP server
• Add more IP addresses if possible
• IP address management (IPAM) may help
• Monitor and report on IP address shortages
• Lower the lease time
• Especially if there are a lot of transient users

Question 50

Blocked TCP/UDP ports

Answer 50

• Applications not working
• Slowdowns with other applications
• Firewall or ACL configuration
• Security choke points
• Confirm with a packet capture
• No response to requests
• Run a TCP- or UDP-based traceroute tool
• See how far your packet can go

Question 51

Incorrect host-based firewall setting

Answer 51

• Applications not working
• Based on the application in use and
not necessarily the protocol and port
• Check the host-based firewall settings
• Accessibility may be limited to an administrator
• Managed from a central console
• Take a packet capture
• The traffic may never make it to the network
• Dropped by the operating system

Question 52

Incorrect ACL setting

Answer 52

• Only certain IP addresses accessible
• Or none
• Access Control Lists
• IP address, port numbers, and other parameters
• Can allow or deny traffic by filtering packets
• Confirm with packet captures and
TCP/UDP traceroutes
• Identify the point of no return

Question 53

Unresponsive service

Answer 53

• No response to an application request
• No answer
• Do you have the right port number?
• And protocol (TCP/UDP)?
• Confirm connectivity
• Ping, traceroute
• Is the application still working?
• Telnet to the port number and see if it responds

Question 54

Hardware failure

Answer 54

• No response
• Application doesn’t respond
• Confirm connectivity
• Without a ping, you’re not going to connect
• Run a traceroute
• See if you’re being filtered
• Should make it to the other side
• Check the server
• Lights? Fire?