Network Troubleshooting Techniques and Insights

Aug 9, 2024

Lecture Notes: Network Troubleshooting and Configuration Issues

Half-Duplex vs. Full-Duplex Ethernet

  • Half-Duplex: Legacy devices, potential collisions
    • Collisions: Occur when two devices send data simultaneously
    • Collision Handling: Devices recognize the collision, wait a random interval, then retransmit
    • Performance Issues: More collisions with more devices
  • Full-Duplex: Modern networks, no collisions
    • Configuration Check: Verify devices are not mismatched (full vs. half)
    • Hardware Issues: Check NICs and drivers

Monitoring Network Performance on Cisco Switches

  • Show Interfaces Command: Check runts, giants, input errors, CRCs, collisions, late collisions
  • Interface Resets: Check configurations on switch and connected devices

IPv4 and Broadcast Domains

  • Broadcasts: Normal for certain protocols
    • VLAN Limitation: Broadcasts limited to devices in the same VLAN
    • Performance Issues: Too many broadcasts can degrade network performance
    • Packet Capture: Identifies broadcast source and frequency
  • Mitigation: Segment network into smaller subnets

Duplicate MAC and IP Addresses

  • MAC Addresses: Should be unique; a duplicate can indicate an on-path attack or a manufacturing error
    • Packet Capture: Detect duplicate MACs through ARP
    • ARP Cache: Check device MAC addresses
  • IP Addresses: Duplicate IPs more common, especially with static assignments
    • DHCP Issues: Multiple servers or static IP conflict
    • Troubleshooting: Ping network, check ARP table, verify switch interfaces
    • DHCP Capture: Detect multiple DHCP server responses
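
The checks in this section can be run over captured ARP replies and DHCP offers. The following is an added example, not part of the original notes; the sample addresses, MACs and function names are constructed for illustration, and the input is assumed to be already extracted from a packet capture as simple tuples.

```python
from collections import defaultdict

# Constructed sample data (documentation address ranges, not a real capture):
# (ip, mac) pairs seen in ARP replies, and server IDs seen in DHCP offers.
SAMPLE_ARP = [
    ("192.0.2.10", "00:00:5e:00:53:01"),
    ("192.0.2.11", "00:00:5e:00:53:02"),
    ("192.0.2.10", "00:00:5e:00:53:09"),  # second MAC answering for .10
    ("192.0.2.12", "00:00:5e:00:53:02"),  # same MAC answering for .11 and .12
    ("192.0.2.11", "00-00-5E-00-53-02"),  # repeat in a different notation
]
SAMPLE_DHCP_OFFERS = ["192.0.2.1", "192.0.2.1", "192.0.2.254"]


def normalize_mac(mac):
    """Lower-case and unify separators so the same MAC always compares equal."""
    return mac.strip().lower().replace("-", ":")


def find_conflicts(arp_pairs):
    """Return (ips_with_several_macs, macs_with_several_ips)."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for ip, mac in arp_pairs:
        mac = normalize_mac(mac)
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    # One IP claimed by several MACs: duplicate IP or an on-path attack.
    dup_ip = {ip: sorted(m) for ip, m in ip_to_macs.items() if len(m) > 1}
    # One MAC claiming several IPs: possible duplicate MAC. A host with
    # several addresses looks the same, so confirm on the switch interfaces.
    dup_mac = {mac: sorted(i) for mac, i in mac_to_ips.items() if len(i) > 1}
    return dup_ip, dup_mac


def dhcp_servers(offer_server_ids):
    """Distinct DHCP servers that responded; more than one needs explaining."""
    return sorted(set(offer_server_ids))


if __name__ == "__main__":
    dup_ip, dup_mac = find_conflicts(SAMPLE_ARP)
    print("IPs with multiple MACs:", dup_ip)
    print("MACs with multiple IPs:", dup_mac)
    print("DHCP servers seen:", dhcp_servers(SAMPLE_DHCP_OFFERS))
```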

Multicast Flooding

  • Multicast Traffic: Sent to all switch ports by default
    • IGMP Snooping: Lets the switch forward multicast traffic intelligently

Asymmetric Routing

  • Definition: Different paths for outbound and inbound traffic
    • Firewall Issues: State-based devices may drop traffic
    • Traceroute: Identifies asymmetric routes

Switching Loops

  • Definition: Network loop causing continuous traffic circulation
    • Prevention: Spanning Tree Protocol (STP)
    • Layer 3 Networks: Routing loops with incorrect next hop
    • Traceroute Detection: Identifies looping routes

Missing Routes

  • Definition: Traffic sent to a router that has no forwarding path for it
    • ICMP Notification: Host unreachable message
    • Troubleshooting: Check routing tables on all routers for proper ingress and egress paths