Network Troubleshooting Tools

Shared by: Hai Hoang | Date: | File type: PDF | Pages: 269


Document description

Network Troubleshooting Tools helps you sort through the thousands of tools that have been developed for debugging TCP/IP networks and choose the ones that are best for your needs.


Text content: Network Troubleshooting Tools

1. Network Troubleshooting Tools
By Joseph D. Sloan
Publisher: O'Reilly
Pub Date: August 2001
ISBN: 0-596-00186-X
Pages: 364

Network Troubleshooting Tools helps you sort through the thousands of tools that have been developed for debugging TCP/IP networks and choose the ones that are best for your needs. It also shows you how to approach network troubleshooting using these tools, how to document your network so you know how it behaves under normal conditions, and how to think about problems when they arise so you can solve them more effectively.
2. Table of Contents

Preface
    Audience
    Organization
    Conventions
    Acknowledgments
Chapter 1. Network Management and Troubleshooting
    1.1 General Approaches to Troubleshooting
    1.2 Need for Troubleshooting Tools
    1.3 Troubleshooting and Management
Chapter 2. Host Configurations
    2.1 Utilities
    2.2 System Configuration Files
    2.3 Microsoft Windows
Chapter 3. Connectivity Testing
    3.1 Cabling
    3.2 Testing Adapters
    3.3 Software Testing with ping
    3.4 Microsoft Windows
Chapter 4. Path Characteristics
    4.1 Path Discovery with traceroute
    4.2 Path Performance
    4.3 Microsoft Windows
Chapter 5. Packet Capture
    5.1 Traffic Capture Tools
    5.2 Access to Traffic
    5.3 Capturing Data
    5.4 tcpdump
    5.5 Analysis Tools
    5.6 Packet Analyzers
    5.7 Dark Side of Packet Capture
    5.8 Microsoft Windows
Chapter 6. Device Discovery and Mapping
    6.1 Troubleshooting Versus Management
    6.2 Device Discovery
    6.3 Device Identification
    6.4 Scripts
    6.5 Mapping or Diagramming
    6.6 Politics and Security
    6.7 Microsoft Windows
Chapter 7. Device Monitoring with SNMP
    7.1 Overview of SNMP
    7.2 SNMP-Based Management Tools
    7.3 Non-SNMP Approaches
    7.4 Microsoft Windows
Chapter 8. Performance Measurement Tools
    8.1 What, When, and Where
    8.2 Host-Monitoring Tools
    8.3 Point-Monitoring Tools
    8.4 Network-Monitoring Tools
    8.5 RMON
    8.6 Microsoft Windows
Chapter 9. Testing Connectivity Protocols
    9.1 Packet Injection Tools
    9.2 Network Emulators and Simulators
    9.3 Microsoft Windows
Chapter 10. Application-Level Tools
    10.1 Application-Protocols Tools
    10.2 Microsoft Windows
Chapter 11. Miscellaneous Tools
    11.1 Communications Tools
    11.2 Log Files and Auditing
    11.3 NTP
    11.4 Security Tools
    11.5 Microsoft Windows
Chapter 12. Troubleshooting Strategies
    12.1 Generic Troubleshooting
    12.2 Task-Specific Troubleshooting
Appendix A. Software Sources
    A.1 Installing Software
    A.2 Generic Sources
    A.3 Licenses
    A.4 Sources for Tools
Appendix B. Resources and References
    B.1 Sources of Information
    B.2 References by Topic
    B.3 References
Colophon
7. the economic ramifications of troubleshooting. If you are familiar with the general aspects of network administration, you may want to skip this chapter.

Chapter 2
    Chapter 2 is a review of tools and techniques used to configure or determine the configuration of a networked host. The primary focus is on built-in utilities. If you are well versed in Unix system administration, you can safely skip this chapter.

Chapter 3
    Chapter 3 describes tools and techniques to test basic point-to-point and end-to-end network connectivity. It begins with a brief discussion of cabling. A discussion of ping, ping variants, and problems with ping follows. Even if you are very familiar with ping, you may want to skim over the discussion of the ping variants.

Chapter 4
    This chapter focuses on assessing the nature and quality of end-to-end connections. After a discussion of traceroute, a tool for decomposing a path into individual links, the primary focus is on tools that measure link performance. This chapter covers some lesser known tools, so even a seasoned network administrator may find a few useful tools and tricks.

Chapter 5
    This chapter describes tools and techniques for capturing traffic on a network, primarily tcpdump and ethereal, although a number of other utilities are briefly mentioned. Using this chapter requires the greatest understanding of Internet protocols. But, in my opinion, this is the most important chapter in the book. Skip it at your own risk.

Chapter 6
    This chapter begins with a general discussion of management tools. It then focuses on a few tools, such as nmap and arpwatch, that are useful in piecing together information about a network. After a brief discussion of network management extensions provided for Perl and Tcl/Tk, it concludes with a discussion of route and network discovery using tkined.

Chapter 7
    Chapter 7 focuses on device monitoring. It begins with a brief review of SNMP. Next, a discussion of NET SNMP (formerly UCD SNMP) demonstrates the basics of SNMP. The chapter continues with a brief description of using scotty to collect SNMP information. Finally, it describes additional features of tkined, including network monitoring. In one sense, this chapter is a hands-on tutorial for using SNMP. If you are not familiar with SNMP, you will definitely want to read this chapter.

Chapter 8
    This chapter is concerned with monitoring and measuring network behavior over time. The stars of this chapter are ntop and mrtg. I also briefly describe using SNMP tools to retrieve
9. Conventions

This book uses the following typographical conventions:

Italics
    For program names, filenames, system names, email addresses, and URLs and for emphasizing new terms when first defined

Constant width
    In examples showing the output from programs, the contents of files, or literal information

Constant-width italics
    General syntax and items that should be replaced in expressions

Indicates a tip, suggestion, or general note.

Indicates a warning or caution.

Acknowledgments

This book would not have been possible without the help of many people. First on the list are the toolsmiths who created the tools described here. The number and quality of the tools that are available is truly remarkable. We all owe a considerable debt to the people who selflessly develop these tools.

I have been very fortunate that many of my normal duties have overlapped significantly with tasks related to writing this book. These duties have included setting up and operating Lander University's networking laboratory and evaluating tools for use in teaching. For their help with the laboratory, I gratefully acknowledge Lander's Department of Computing Services, particularly Anthony Aven, Mike Henderson, and Bill Screws. This laboratory was funded in part by a National Science Foundation grant, DUE-9980366. I gratefully acknowledge the support the National Science Foundation has given to Lander. I have also benefited from conversations with the students and faculty at Lander, particularly Jim Crabtree.

I would never have gotten started on this project without the help and encouragement of Jerry Wilson. Jerry, I owe you lunch (and a lot more).

This book has benefited from the help of numerous people within the O'Reilly organization. In particular, the support given by Robert Denn, Mike Loukides, and Rob Romano, to name only a few, has been exceptional. After talking with authors working with other publishers, I consider myself very fortunate in working with technically astute people from the start. If you are thinking about writing a technical book, O'Reilly is a publisher to consider.
10. The reviewers for this book have done an outstanding job. Thanks go to John Archie, Anthony Aven, Jon Forrest, and Kevin and Diana Mullet. They cannot be faulted for not turning a sow's ear into a silk purse.

It seems every author always acknowledges his or her family. It has almost become a cliché, but that doesn't make it any less true. This book would not have been possible without the support and patience of my family, who have endured more than I should have ever asked them to endure. Thank you.
20. too easy to come up with some technical mumbo jumbo if they are ever questioned. If this seems far-fetched, I once attended a meeting where a young engineer was arguing that a particular router needed to be replaced before it became a bottleneck. He had picked out the ideal replacement, a hot new box that had just hit the market. The problem with all this was that I had recently taken measurements on the router and knew the average utilization of that "bottleneck" was less than 5% with peaks that rarely hit 40%.

This is an extreme example of why collecting information is the essential first step in network management and troubleshooting. Without accurate measurements, you can easily spend money fixing imaginary problems.

1.3.2.4 Economic considerations

Solutions to problems have economic consequences, so you must understand the economic implications of what you do. Knowing how to balance the cost of the time used to repair a system against the cost of replacing a system is an obvious example. Cost management is a more general issue that has important implications when dealing with failures.

One particularly difficult task for many system administrators is to come to terms with the economics of networking. As long as everything is running smoothly, the next biggest issue to upper management will be how cost effectively you are doing your job. Unless you have unlimited resources, when you overspend in one area, you take resources from another area. One definition of an engineer that I particularly like is that "an engineer is someone who can do for a dime what a fool can do for a dollar."

My best guess is that overspending and buying needlessly complex systems is the single most common engineering mistake made when novice network administrators purchase network equipment. One problem is that some traditional economic models do not apply in networking. In most engineering projects, incremental costs are less than the initial per-unit cost. For example, if a 10,000-square-foot building costs $1 million, a 15,000-square-foot building will cost somewhat less than $1.5 million. It may make sense to buy additional footage even if you don't need it right away. This is justified as "buying for the future."

This kind of reasoning, when applied to computers and networking, leads to waste. Almost no one would go ahead and buy a computer now if they won't need it until next year. You'll be able to buy a better computer for less if you wait until you need it. Unfortunately, this same reasoning isn't applied when buying network equipment. People will often buy higher-bandwidth equipment than they need, arguing that they are preparing for the future, when it would be much more economical to buy only what is needed now and buy again in the future as needed.

Moore's Law lies at the heart of the matter. Around 1965, Gordon Moore, one of the founders of Intel, made the empirical observation that the density of integrated circuits was doubling about every 12 months, which he later revised to 24 months. Since the cost of manufacturing integrated circuits is relatively flat, this implies that, in two years, a circuit can be built with twice the functionality with no increase in cost. And, because distances are halved, the circuit runs at twice the speed—a fourfold improvement. Since the doubling applies to previous doublings, we have exponential growth.

It is generally estimated that this exponential growth with chips will go on for another 15 to 20 years. In fact, this growth is nothing new. Raymond Kurzweil, in The Age of Spiritual Machines: When Computers Exceed Human Intelligence, collected information on computing speeds and functionality from the beginning of the twentieth century to the present. This covers mechanical, electromechanical