Troubleshooting

Question 1

Troubleshooting Steps

Answer 1

1. ID Problem
2. Est. Theory
3. Test Theory
4. Est. Plan of Action
5. Implement
6. Verify Success
7. Document Findings

Question 2

ID Problem

Answer 2

What Changed
Duplicate if possible
Break into smaller pieces, address each

Question 3

Establish Theory

Answer 3

Start with Obvious
Top-down, Bottom-up along OSI layers
Break to small pieces, remove pieces that don’t apply

Question 4

Test Theory

Answer 4

Implement change, examine result

Question 5

Plan of Action

Answer 5

Minimize impact on ops
Plan B
Plan C
Have backup to go back/undo changes

Question 6

Implement Plan

Answer 6

Try the fix
Escalate if necessary

Question 7

Verify Functionality

Answer 7

Verify full system functionality

Question 8

Document Findings

Answer 8

Help Desk Database/Knowledge Base

Question 9

Signal errors on Fiber network

Answer 9

Check that right fiber type is used
Single/multimode fiber, different fiber diameters
Writing on outside of fiber cable

Question 10

Cable analyzer shows interference measuring NEXT or low SNR

Answer 10

Near End CrossTalk
Signal to Noise Ratio

Measure at both ends of cable
Maybe need shielded cable
Check crimp
Maintain max twists in pairs

Question 11

Tool to monitor status of network devices and connections

Answer 11

With SNMP track metrics in a MIB
Management Information Base

Question 12

What to monitor with SNMP

Answer 12

Link Status
Utilization, throughput over time chart
Error Rate
- CRC errors, runts/giants, drops

Question 13

CRC Error

Answer 13

Cyclic Redundancy Check

FCS at end of frame does not match result from CRC
Frame Check Sequence - checksum at end of frame

Problem with signal, check cable, connections

Question 14

Runts

Answer 14

Received Frame lass than 64 bytes

May be result of collision if half-duplex network

Question 15

Giants

Answer 15

Received Frame greater than 1518 bytes (or max configured frame size)

Question 16

Drops

Answer 16

Frame not transmitted or received

Question 17

How to prevent Switching Loops

Answer 17

Enable STP

Question 18

Root Bridge Selection - STP

Answer 18

All bridges/switches are assigned a bridge ID
Lowest ID is root
If tie, lowest MAC is root

Question 19

Port Roles - STP

Answer 19

Root Port - port traffic takes to get to the root bridge
Designated Port - active port to other devices on net
Blocked Port - port deactivated to prevent loops

Question 20

Port States - STP

Answer 20

Blocking/Discarding
Listening - not forwarding, cleaning the MAC table
Learning - not forwarding, adding to the MAC table
Forwarding - actively forwarding messages
Disabled - admin manually turned off port

Question 21

Everything appears to be correctly configured but packets are still getting dropped

Answer 21

Check if an ACL is configured somewhere on the network blocking traffic

Access Control List

Question 22

ICMP Host Unreachable Message

Answer 22

Tells you that router couldn’t find a route to destination

Check for missing entry in routing tables

Question 23

A client is assigned an APIPA address despite having DHCP configured

Answer 23

DHCP address pool may be exhausted

With APIPA, can only access resources on local subnet

Monitor for this using IPAM
Mitigate by reducing lease time

Question 24

IPAM

Answer 24

IP Address Management

Tool to monitor and report IP address shortages

Question 25

Duplicate IP Address

Answer 25

Caused by: - Static IP Addressing - Multiple overlapping DHCP servers - Rogue DHCP server Prevent - Ping address before assigning to check if already used

Question 26

Congestion

Answer 26

Too much traffic on limited speed link Cause packet queueing, buffering Queue gets full

Question 27

Jitter

Answer 27

Jitter is time between packets received Packets delayed in streaming service (VOIP, video, etc.) Choppy, stutter in voice calls Clicking heard

Question 28

Slow wireless

Answer 28

Disable legacy, low speed support. Leave only latest tech active Check for overlapping RF channels Adjust output power

Question 29

Roaming Misconfiguration

Answer 29

Access Points supporting SSID must be configured identically

Question 30

Protocol Analyzers

Answer 30

Wireshark Solve complex network issues

Question 31

Nmap

Answer 31

Network Mapper Port Scan OS Scan - Discover OS on devices without logging in to device Service Scan Find rogue devices Works on Layer 2 making it hard for rogue to hide ex: - nmap -F 10.1.10.222

Question 32

CDP

Answer 32

Cisco Discovery Protocol Cisco proprietary version of LLDP ID devices on network - port, MAC, VLAN, etc

Question 33

LLDP

Answer 33

Link Layer Discovery Protocol ID devices on network - port, MAC, VLAN, etc

Question 34

ping

Answer 34

uses ICMP to determine round trip time

Question 35

traceroute

Answer 35

tracert (Windows) traceroute (Unix/Linux/Mac) get info on routers packet travels through uses TTL exceded messages - find first router by setting TTL=1 - find second router by setting TTL=2 ICMP commonly filtered so may not get info on a router. Get asterisk instead

Question 36

nslookup

Answer 36

Query DNS

Question 37

dig

Answer 37

nslookup like tool but with more options

Question 38

tcpdump

Answer 38

Capture packets from command line

Question 39

netstat

Answer 39

netstat -a - show all active connections netstat -b - show binaries (windows) - executable used to make connections netstat -n - show IP addresses, not resolve names

Question 40

ipconfig

Answer 40

get IP details of station /all more detail Linux - ifconfig Linux (new) - ip address

Question 41

arp

Answer 41

arp -a - get all MAC addresses of systems on net layer 2 May need to ping device to get it added to arp tables

Question 42

Tone Generator

Answer 42

Tool - connect one end of cable to device, touch other end with probe, tone is generated

Question 43

Cable tester

Answer 43

Test pinout of cable continuity test

Question 44

Tap

Answer 44

Send a copy of packets to capture device

Question 45

Visual Fault Locator

Answer 45

"flashlight" to shine light down fiber cable Light shows through cable jacket where fiber is broken

Question 46

cmd show mac-address-table

Answer 46

Shows mac table

Question 47

cmd show route

Answer 47

show routing table form router

Question 48

cmd show interface

Answer 48

status of interface up, down, any errors speed, MTU, encapsulation type performance

Question 49

cmd show config

Answer 49

see configuration of device

Question 50

cmd show arp

Answer 50

show arp cache in device

Question 51

cmd show vlan

Answer 51

see which vlans are associated with each interface

Question 52

cmd show power

Answer 52

POE data

Question 53

Command to reactivate a switch port that is "administratively down"

Answer 53

no shutdown