LSNDI RMRA1

Design and troubleshooting

M Clements

LSNDI RMRA2

Introduction

Need for troubleshooting Troubleshooting tools Examples Lab work

LSNDI RMRA3

Broken routing configs

Configurations can sometimes fail to work as the writer hoped

Incorrect addressing (common) Incorrect configuration of parameters Missing commands Misunderstanding of the IOS

LSNDI RMRA4

Problem Manifestation

Routes/ hosts cannot be reached Routers or switches slow in operation ACLs fail to work Routing fails Failover systems fail to work as hoped Parts of network fine, others not Etc. etc.

LSNDI RMRA5

Tools to help diagnose problems

Ping – runs on routers and hosts Extended ping – runs on routers and

switches only Traceroute/ tracert Debug tools Show tools

LSNDI RMRA6

ping Echo request1

The echo request is an ICMP message whose data is expected to be received back in an echo reply. The host must respond to all echo requests with an echo reply containing the exact data received in the request message.

Type must be set to 8. Code must be set to 0. The Identifier and Sequence Number can be used by the client to

match the reply with the request that caused the reply. The data received by the Echo Request must be entirely included in

the Echo Reply.

LSNDI RMRA7

1ping Echo reply

The echo reply is an ICMP message generated in response to an echo request, and is mandatory for all hosts and routers.

Type and code must be set to 0. The identifier and sequence number can be used by the client

to determine which echo requests are associated with the echo replies.

The data received in the echo request must be entirely included in the echo reply.

LSNDI RMRA8

For you to try

Open traffic sniffer e.g. Ethereal or Wireshark Optionally you can set up a filter for ping traffic

(in and out) Start Ethereal or wireshark Ping an IP address you know is ‘up’ with cmd Wait until the ping completes Stop the sniffer Examine the icmp traffic

LSNDI RMRA9

Questions

What was the payload? How many packets were sent? How many were received? What was the time between ping packets

being sent? What is the sequence number in a request

and its subsequent reply?

LSNDI RMRA10

Extended ping

Implemented on routers and switches Allows more complex parameters Can send ping from a specific interface Can change data size and pattern Can validate replies Can change number of times ping is sent Can set other parameters too

LSNDI RMRA11

Extended pingATL#pingProtocol [ip]: Target IP address: 10.10.10.1Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: ySource address or interface: 10.10.10.2Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:Packet sent with a source address of 10.10.10.2!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 20/32/48 ms

LSNDI RMRA12

For you to try

Open Packet Tracer (4.1 minimum) Connect 2 routers with a serial connection Set up addresses for the serial interfaces Choose DCE and set clock rate Turn the interfaces on Try the extended ping command – type ping [enter] Write down the parameters that you could change

LSNDI RMRA13

Traceroute/ tracert

This uses a set of pings to show routers between source and destination

Useful to see how traffic crosses a network Shows ping time, IP addresses and names

where available

LSNDI RMRA14

Example of the use of tracertC:\Documents and Settings\luther>tracert www.bbc.co.uk

Tracing route to www.bbc.net.uk [212.58.253.70]over a maximum of 30 hops:

1 1 ms <1 ms <1 ms 192.168.1.1 2 92 ms 9 ms 9 ms 10.39.192.1 3 10 ms 13 ms 10 ms 80.195.192.67 4 59 ms 277 ms 234 ms pc-62-30-243-49-bn.blueyonder.co.uk [62.30.243.49] 5 11 ms 13 ms 10 ms pc-62-30-243-86-bn.blueyonder.co.uk [62.30.243.86] 6 27 ms 18 ms 13 ms 194.117.136.146 7 10 ms 11 ms 11 ms bbc-gw0-linx.prt0.rbsov.bbc.co.uk [195.66.224.194] 8 146 ms 14 ms 12 ms 212.58.238.133 9 12 ms 13 ms 11 ms fe0-0.rt0-frontpost.prodgw.bbc.co.uk [212.58.239.222] 10 13 ms 15 ms 12 ms www1.cwwtf.bbc.co.uk [212.58.253.70]

Trace complete.

LSNDI RMRA15

Traceroute on a router

Full command traceroute can be used here– (Rather than tracert 8.3 dos convention)

Shows *NIX heritage Performs the same as tracert.exe on the

host PC

LSNDI RMRA16

For you to try

Open a packet sniffer Start the sniffer for the PC’s network interface Use cmd to invoke a tracert to a known host Capture the network dialogue Stop the sniffer Examine the dialogue

LSNDI RMRA17

Questions

What type of protocol is used for the tracert? Examine the ‘time to live’ flag in Internet Protocol Look at each ping request separately What is different about the time to live? Now see which host replied to that request – hint -

the sequence number allows this How do you think the tracert works now that you

have examined this traffic?

LSNDI RMRA18

Debug tools

debug command runs on routers and switches Allow us to see various dynamic parameters in

real time – e.g. arrival of routing information Use with care – takes router processing power

– always turn off after use Type router#debug ? To see the options

available

LSNDI RMRA19

For you to try

At the router Priv Exec prompt type debug ? Write down the command options displayed Now follow the ip option Add the ? Write down all options you can see These commands are all related to routing

and will help to diagnose routing problems

LSNDI RMRA20

Show commands

Typing show at the Priv exec prompt allows us to see static information about the router

E.g. routing table, interface information, clock, access-lists etc

Make a list of the show options available in Packet Tracer

LSNDI RMRA21

You, the detective

These tools allow a wide range of tests to be made

You need to devise tests to develop a hypothesis that fits your network problem

You may need to devise a test plan and eliminate items one at a time

A good diagram is ESSENTIAL when troubleshooting

LSNDI RMRA22

LAB work

Open Troubleshoot.pkt from this week’s web menu

Open the document TroubleshootingConnectivity_Handout.doc

Work through the example

LSNDI RMRA23

References

1http://en.wikipedia.org/wiki/Ping