Linux süsteemide võrgu probleemid ja nende lahendamine
Vaata ka:
Võrguprobleemid tekivad siis kui üks või mitu arvutit ei suuda suhelda võrgu teiste piirkondadega. Neid liigitatakse kolme gruppi.
- Ühenduse kaotus - kasutaja ei suuda pääseda ühtegi võrku.
- Vahelduv ühendus - kasutajad mõnda aega pääsevad võrgu ressursudele ligi, kuid tekkivad perioodilised seisakud.
- Timeout probleemid - timeout tekib võrgu ühenduse kadumisel, kuid sageli põhjustab timeout-i nõrk võrgu jõudlus või ülekoormus.
Tüüpilised probleemid:
PS! Mõned probleemid võivad kohtuda erinevates probleemi tüüpides.
1. Kaabli probleemid (Füüsiline kiht)
- kaabel või ühendus kahe võrgu seadme vahel on liiga pikk.
- kaabel on vigastatud.
- kaabel on puruks tõmmatud.
- kaablis võib tekkida lühis juhtmete vahel.
- kahe arvuti ühendamisel (kaartide MDI-X puudumisel) kasutatakse otse juhet cross kaabli asemel.
Neid probleeme saab lahendada kaablitestriga millega saab kontrollida juhtmete ühendust ja jutmetevahelist lühist. Pikemate distantside jaoks on olemas spetsiaalsed testrid mis saavad leida ohtlike painitus punkte ja näidata signaali sumbuvust juhtmetes.
2. Võrgu seadme/pordi probleemid (Füüsiline/Ühenduse kiht)
- Võrgu kaartide ja võrguseadmete portide häälesused ei vasta üksteisele ühenduse piires, näiteks duplexi tüüp või andmeedastuse kiirus.
- Etherneti v õrguseadmed ja kommutaatorid kiirustega 10/100/1000 ei lülitu ümber korrektselt paaritatud seadme kiirusele. Valesti saadakse aru teise poole kiirustest.
- Võrguseade ei ühildu emaplaadiga, muude seadmetega, seadme tarkvaraga, draiveritega.
Neid probleeme saab lahendada võrguseadme testimis tarkvaraga ja loopback connektoriga. Füüsiliste parameetrite halvenemisel või pordi läbilöömisel saab seda testida eritest seadmetega või või seadme tootja poolt.
3. Ühendusskihi probleem (Ühenduskiht)
- Ühesuguse MAC aadressi kasutamine kollisiooni domeenis või võrgu segmendis.
- Switch-ide või hub-ide kinnikiilumine/droppimine tundmatute freimide edastamisel.
- Seadme MAC aadress omab broadcast aadressi (0xFFFFFFFFFFFF).
- Broadcast storming.
- Portidevaheline loopback ehk portide kokkuühendamine, põhjustab paketi tsüklilist retransleerimist ja seadme ülekoormust.
- Pordi automaatne väljalülitamine.
- Pordi MAC aadressite filtreerimine.
- Spanning tree probleem - tekib loopback läbi mitme seadme
4. Ruutimis probleem (Võrgu kiht)
- Default gateway seade on vale.
- Default gateway seade on vigane.
- Default gateway poole pöördutakse läbi vale interfeisi.
- Vaheruuteris on keelatud mingisugused ICMP tüübid, ei toimi ping icmp traceroute.
- Tsükliline ruuting - tekib loopback läbi mitme seadme. Paketid ei jõua sel juhul kohale.
- Vale routing või ruutingu interface.
- Asümmeetriline ruuting - paketid lähevat ühe ip võrgu kaudu välja ja teisi värgu kaudu tulevad tagasi.
- Paketid sisenevad interfeisi/porti liiga tihti.
5. Seansi probleem (Seanssi kiht)
- Port on automaatselt blokeeritud, skaneerimise või DOS-i tõttu.
- TCP/UDP pordid süsteemis ühendusteks otsa saanud.
- Teenuse port linuxis on juba hõivatud.
- Linuxu UDP traceroute ei toimi - välises firewall-is on keeladut UDP pordide diapasoon.
6. Nimelahenduse probleem
- Ei lahendu lokaalselt defineeritud nimed või nimi localhost
- Seadme häälestustes puuduvad nimeserverid
- Ei lahendu hosti lühinimi lokaalses domeenis
- Ei lahendu hosti nimi internetis
Lahendadatakse nimelahendus programmidega: nslookup ja dig. Kasuks tulevad ka ping ja nmap selleks et kontrollida juurdepääsu nimeserveritela ja nende UDP portidele. Tuleb sooritada erinevaid päringuid vastu kontrollitud nimeservereid.
7. Võrgu koormuse probleemid
- Võrgu hubis tekivad kollisioonid (suure koormuse puhul viib võrgukiiruse järk võrra aeglasemaks).
- Seadme häälestused piiravad sissetulevat või väljaminevat traafikut.
- Port ei suuda edastada rohkem pakette mingisuguses või mõlemas suunas.
- Seade ei suuda edastada läbi enda maksimumist suuremat hulka pakette.
- Ruuteri tüüpi seade kaotab/unustab TCP seansse, tekkib juhuslikult seanside kadu (firewall-i seansi tabeli ülekoormus).
- Switch tüüpi seade kaotab ühendusi (MAC tabeli ülekoormus)
8. Tarkvara probleemid
- Vigane tarkvara ei suuda korralikult seadistada võrgukaarti või seadet.
- Firewalli vale häälestus (MAC, IP filtrid)
- VPN tarkvara vale häälestus (eriti IPSEC puhul) või vigased parameetrid.
- Autentimise vead. Gruppi või Kasutaja vale nimi/parool. Kõlbmatu sertifikaat.
Lahendatakse driverite seadistamisega, lokaalsete ja välis firewall-ide ümberhäälestamisega.
9. Võrgu Identifikaatori - võrguaadressi kordus
- Sama MAC aadressi kasutamine lokaal võrgus
- Sama IP aadressi kasutamine
_______________
To troubleshoot network connectivity problems, follow these steps:
- Use the Ping or PathPing command-line tools to test basic connectivity. Use Ping to isolate network hardware problems and incompatible configurations. Use PathPing to detect packet loss over multiple-hop trips.
- Check the event logs for network-card-related entries or connectivity-related entries.
- Check whether the network adapter is on the supporting list of the Computer operating system.
- Check other computers that use the same default gateway that are plugged into the same hub or switch. If these computers do not experience network connectivity problems, the problem may be a faulty network adapter on one computer.
- Contact the vendor of each motherboard and update the BIOS of the boards to obtain the latest version.
- Check the network adapter and uplink hardware (hub or switch) for common settings. Make sure that all complementing network resources (network adapter, hub, and switch) are set to the same speed and duplex level.
- Manually set the network adapter of the computer that has connectivity problems to half-duplex and a lower speed.
- Swap the network cable between the failing system and the hub or switch.
- Replace the network adapter with a network adapter that has been tested and proven reliable. To do this, follow these steps:
- Remove the network adapter diagnostics program.
- Remove the network adapter in Network properties.
- Install the new network adapter.
- Run Network Monitor at the same time on both ends of the network connection. After you filter the traces on the addresses of the two systems, compare both traces to see if you can see the same traffic.
Solving Network Problems
Objectives
After reading this chapter and completing the exercises, you will be able to:
- Discuss the benefits of network management and planning
- Understand the necessity for networking standards, policies and procedures, and documentation
- Troubleshoot your network following a structured approach
- Discuss the types of specialized equipment and other resources available for troubleshooting
Notes
Preventing Problems with Network-Management and Planning
The two ways to resolve network problems are: pre-emptive troubleshooting and troubleshooting. In a perfect world, we would be able to prevent problems before they occur (pre-emptive troubleshooting), however, network administrators often find themselves repairing problems that already exist (troubleshooting).
- Policies and procedures should be applied during the planning stages of a network as well as throughout the network’s life. Tasks that should be included in such policies are: back-up methods, security, hardware and software standards, upgrade guidelines, and documentation.
Backing Up Network Data
- To formulate any back-up plan, consider the following topics and issues:
- Determine what data should be backed up as well as how often. Some files seldom change and may require backup only weekly or monthly.
- Develop a schedule for backing up your data that includes the type of backup to be performed, how often, and at what time of the day.
- Identify the person(s) responsible for performing backups.
- Test your back-up system regularly.
- Table 13-1 summarizes the typical backup methods.
Setting Security Policies
- Security policies vary based on sensitivity of data, network size, and the company’s security standards. Once the detailed policy has been outlined in a network plan it should be followed closely in order to be effective.
- Security policy should not only include data security, but hardware security as well. If file server or other networking equipment is in a common area that anyone can access, security can easily be compromised.
- Special security requirements may be necessary for dial-in users.
- One of the most important security considerations is who should be granted network administrative access to the network. The more people who have this level of access, the more likely security problems will occur.
Setting Hardware and Software Standards
- It is very important to implement hardware and software standards. Since administrators are responsible for supporting networks, which includes hardware and software, administrators should be involved in deciding what hardware and software will be permitted on the network.
- Standards should be defined for desktop computers (standards for several levels of users might be necessary), networking devices, and server configurations.
- Regular evaluations of standards help ensure that your network does not become outdated.
Establishing Upgrade Guidelines
- Upgrading computer and networking technologies is a never-ending task. Establishing upgrade guidelines will help make the process easier.
- Always give users advance notice so that they know changes will take place and can respond to them. Additionally, disruptive upgrades should not be performed during normal working hours. A plan should be included on “undoing” an upgrade.
Maintaining Documentation.
- Documentation is often viewed as the most boring and time-consuming aspect of an administrator’s duties, however, it can be one of the most important elements of troubleshooting network problems. A well-documented network is much easier to troubleshoot than a network with very little documentation.
- If you work in a networking environment that encompasses multiple LANs, each LAN should have its own set of documentation. One of the most important lists is the address list. If a specific device is causing a problem on a network, it will most likely be identified by a MAC or IP address. If an updated address list is kept, location of a particular device is easily identified. An address list is an example of a list that can be kept as a database.
- Documentation should be kept in both hard copy and electronic form so that it is readily accessible. When information is updated, it should be documented on both forms of documentation.
Performing Pre-emptive Troubleshooting
- Pre-emptive troubleshooting saves time, prevents equipment problems, and ensures data security. More importantly, it can save a lot of frustration when trying to identify the cause of problems.The five ISO pre-emptive troubleshooting network-management categories are: accounting management, configuration management, fault management, performance management, and security management.
Practicing Good Customer-Relation Skills
- Users are customers and your customers are your best source of information when something goes wrong. It is extremely important to build good relationships with users.
Using Network-Monitoring Utilities
- It is important to establish a baseline of “normal” networking activity. This baseline can be used to identify when the network is acting “abnormally”.
- Network monitoring utilities gather the following information: Events, system usage statistics, and system performance statistics.
- Some of the specific network aspects that a baseline can be helpful in monitoring are: daily network utilization patterns, possible bottlenecks, heavy usage patterns, and protocol traffic patterns. This information is obviously very useful. For example, if utilization levels are constantly measured at 60% or greater, it’s time to look at an upgrade.
- SNMP is part of the TCP/IP protocol suite and it is used to manage a monitor device. Agents are used to gather information that is stored in a management information base (MIB).
- RMON is an advanced network monitoring protocol that extends the capabilities of SNMP. The two versions of RMON are: RMON1 and RMON2.
Quick Quiz
- Which backup method will back up all selected files without marking them as backed up?
Answer: Copy
- A ___________ defines a point of reference against which you can measure network performance and behavior when problems occur.
Answer: baseline
- What is the name of the SNMP database where information is stored?
Answer: MIB
- True or False: It is not necessary to document MAC addresses.
Answer: False – it is very useful to document MAC addresses
Network Troubleshooting
Troubleshooting Methodology
- Troubleshooting is often a learned skill instead of a skill that can be taught. However, there is a methodology that can be followed to help in troubleshooting problems.
- The following set of steps helps you troubleshoot most common networking problems:
- Eliminate any potential user errors.
- Verify that physical connections are indeed working.
- Verify the status of any suspect NICs.
- Restart the computer.
Structured Approach
- Sometimes even if the basic steps are followed, a more detailed approach might be necessary.
- The five-steps of the structured troubleshooting approach: prioritize, collect information, establish possible causes, isolate the problem, and test results.
- When collecting information, network administrators should find out as much information as they can by asking specific questions, such as those listed in the text.
- Once possible causes are identified, the most likely cause should be tested first. It is important to understand that only one change should be implemented at a time. If a technician tries several changes before testing each one, he/she will not know for sure which change solved the problem. Also, the technician may have fixed the original problem, but cause another one with an unnecessary change.
Using Special Tools
- There is more to troubleshooting than instincts and experience. Sometimes special tools are essential in solving problems.
- Some of the most common problems found in networks involve the physical cabling. A digital voltmeter (DVM) can measure a cable’s resistance and determine if a cable break has occurred.
- A TDR can also determine if a cable is broken. The difference between a TDR and DVM is that a TDR can pinpoint the exact location of the cable break. TDR devices are an expensive device, but can be rented at minimal cost.
- Basic cable testers are inexpensive, but typically can only test correct termination of twisted-pair cabling. Advanced cable testers can measure impedance, resistance, attenuation, and length.
- Oscilloscopes can be used to identify shorts, sharp bends or crimps, cable breaks, and attenuation problems.
- Network monitors evaluate the overall health of a network by monitoring all traffic. These programs can generate reports and graphs based on the data collected.
- Protocol analyzers combine hardware and software to provide the most advanced network troubleshooting available. This tool not only monitors traffic in real time but also can capture and decode packets.
Network Support Resources
- Microsoft TechNet is a subscription information service for supporting all aspects of networking. It can be an essential tool when supporting a Microsoft-based network.
- If a subscription to Microsoft TechNet is too expensive, Microsoft offers a free support service known as Microsoft Knowledge Base on their web site. It will not offer as much information as the TechNet subscription.
- There are support services offered by Linux and Novell NetWare. Many of these sites provide articles about known problems, workarounds and downloads of upgrades and bug fixes.
- There are also many online support services that allow you to tap into the knowledge of experienced networking professionals. Additionally, many of the networking periodicals are now available online as well.
Common Troubleshooting Situations
- Cabling and faulty NICs cause some of the more common network problems.
Quick Quiz
- Name the five steps of the structured troubleshooting approach.
Answer: set the priority, collect information, develop a list of possible causes, test each hypothesis to isolate the actual cause, and for each potential cause, attempt at least one solution
- True or False: Because networking technology changes frequently, it is necessary to upgrade equipment and software on a regular basis.
Answer: True
- Name at least three special tools that can be used when troubleshooting.
Answer: DVM, TDR, basic cable tester, advanced cable tester, oscilloscopes, network monitors, and protocol analyzers
- What is the name of Microsoft’s free online support service?
Answer: Microsoft Knowledge Base