Monday, August 1, 2011

Basic Network troubleshooting

Ping:

Ping is a command-line utility used for network troubleshooting. It is available with every operating system by default. To use it, open the command prompt (cmd).

After opening cmd, type ping followed by the address (IP address) of the host you want to reach. It is mostly used to check whether communication with the host is possible. It works by sending out an ICMP echo request and waiting for a reply.

You can also ping web addresses. For example, you can ping google.com with the syntax below:

C:\>ping www.google.com

C:\>Ping 127.0.0.1

If any reply is missing, there is some issue with the connectivity.

The time reported is anywhere from 13 milliseconds (ms) to a maximum of 50 ms or more. These are approximate round-trip times.

When we are working in a LAN environment and an internet issue arises, we first need to ping the gateway (or router) through which the LAN connects to the internet. Some even ping Google's global DNS server, i.e. 8.8.8.8.

Sometimes, administrators ping switches, firewalls and even computers from their own computer to check that connectivity is fine.

Sometimes a continuous ping is required while troubleshooting work such as wire adjustment or punching repair is ongoing. In that case the additional -t option can be added to the ping command, such as

C:\>ping 127.0.0.1 -t

Loopback plug

A loopback plug, or loopback adapter, is a plug used to test physical ports to identify network issues. It can identify issues in the network, network interface card, router interface etc.

Similarly, it can be used on serial ports, parallel ports, USB ports, OFC ports etc.

IPconfig:

Ipconfig is a command-line utility run from the command (cmd) window. It displays the details of the network configuration: the host IP address, router or adapter IP address, VPN client address, subnet mask in use, default gateway address etc.

If you need other information such as the physical MAC address, DNS and DHCP server addresses, or DHCP enabled status, use the /all parameter with the command.

If you need help, add the question mark symbol (/?).

Example

C:\Users\Username>ipconfig

C:\Users\Username>ipconfig /all

C:\Users\Username>ipconfig /?

Besides ipconfig, you can list only the MAC addresses by typing getmac at the command prompt, and use systeminfo to get a lot of information about the system.

NSlookup:

Nslookup, or name server lookup, is a command used to diagnose or troubleshoot Domain Name System (DNS) and host name resolution. It is available if you are using the TCP/IP protocol. It comes with two modes, i.e. interactive and non-interactive.

In interactive mode, you can get only a single set of data or information.

Example

C:\Users\Username>nslookup www.google.com

You will receive the name server address and the IPv4 address of google.com.

In non-interactive mode you will receive more than one piece of information at a time.

By using the name server or DNS server, it translates the domain name to an IP address.

Netstat:

Netstat is a network administrator's command that displays TCP connections, the ports on which a host is listening, the IP routing table, IPv4 parameters etc.

The syntax is as follows:

netstat -a: It shows all active TCP connections on which the host is listening.

netstat -e: It shows the Ethernet statistics, which include the number of bytes and packets sent and received, any errors if present, unicast packets, unknown protocols etc.

netstat -r: It shows the contents of the IP routing table.

PuTTY:

PuTTY is an SSH and Telnet client developed by Simon Tatham for the Windows platform. It is open source software, available with source code and in both 64-bit and 32-bit builds. You can download and use it for several activities such as Telnet, configuring devices, SCP and SSH. It provides a command-line interface.

Speedtest.net:

Speedtest.net is a very interactive tool to test the speed and performance of your internet connection. It has thousands of servers across the globe that host the speed test.

-DR



Wednesday, July 27, 2011

Understanding Routing Table

Routing Table

We all know that a router's primary function is to forward a packet towards its destination address. A router has physical interfaces which connect to other network devices.

The routing table contains a list of specific routing destinations, or pairs of IP addresses, in its memory. It is sometimes also called the routing information base, or RIB. When the router receives a packet of data, it references the routing table to know where to send that data. The device kernel reads the routing table. Each entry, or row, in the routing table defines a route. Routes are of two types: network routes and host routes. So the router does not have to send any query, or wait for routing input from the user, each time it sends packets.

A network route says how to reach a specific network ID within the internetwork, whereas a host route provides the information to reach a particular host on a network.

All IP-enabled devices use a routing table. This means the routing table keeps the information about the entire topology of the network, such as IP address, gateway address, port number, subnet mask, interface and metric.

Metrics: if in doubt about metrics, a metric is a number that describes the best route; it helps the router choose the best route among multiple routes to the destination. It helps dynamic routing protocols like RIP, OSPF and EIGRP decide which is the shortest and best path to reach the destination.

Static routing uses a routing table that is preconfigured manually, where all entries remain the same unless they are changed manually. It is best used for small networks and hosts. Many small office workspaces use Windows systems. If you want to add a static route to the table, the syntax below can be used:

route ADD destination_network MASK subnet_mask gateway_ip METRIC metric_cost

In the case of dynamic routing, protocols allow routers to get information from other (peer) routers on the network, so routers can be configured to learn IP destinations from other routers and update routing table entries without user intervention. For more information on dynamic routing, please refer to the EIGRP, OSPF, BGP and RIP post. Dynamic routing is suitable for larger internetworks.

A sample routing table is provided below:

Network Destination   Subnet Mask       Gateway     Interface   Metric
101.X.X.0             255.255.255.0     10.X.X.2    Eth01       1
Default               0.0.0.0           10.X.X.3    Eth02       0
127.X.X.9             255.255.255.0     10.X.X.4    S0          291
10.X.X.8/16           255.255.255.0     10.X.X.1    GE1/0/0     11
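The lookup a router performs against such a table, as an added example that is not part of the original post: it parses static routes written in the route ADD syntax above and picks the route for a destination. It goes one step beyond the text by applying longest-prefix match first (a host route beats a network route, which beats the default) and using the metric only to break ties. The addresses are constructed from documentation ranges, and parse_route_add and lookup are hypothetical helper names.

```python
import ipaddress
from typing import List, NamedTuple, Optional


class Route(NamedTuple):
    network: ipaddress.IPv4Network
    gateway: ipaddress.IPv4Address
    metric: int


def parse_route_add(command: str) -> Route:
    """Parse 'route ADD <dest> MASK <mask> <gateway> METRIC <cost>'."""
    tokens = command.split()
    upper = [t.upper() for t in tokens]
    if (len(tokens) != 8 or upper[:2] != ["ROUTE", "ADD"]
            or upper[3] != "MASK" or upper[6] != "METRIC"):
        raise ValueError(f"unsupported route command: {command!r}")
    # IPv4Network is strict by default: a destination with host bits set
    # for the given mask (a common typo) raises ValueError here.
    network = ipaddress.IPv4Network(f"{tokens[2]}/{tokens[4]}")
    return Route(network, ipaddress.IPv4Address(tokens[5]), int(tokens[7]))


def lookup(table: List[Route], destination: str) -> Optional[Route]:
    """Return the route used for destination, or None if nothing matches."""
    addr = ipaddress.IPv4Address(destination)
    candidates = [r for r in table if addr in r.network]
    if not candidates:
        return None
    # Most specific prefix wins; among equal prefixes the lowest metric wins.
    return max(candidates, key=lambda r: (r.network.prefixlen, -r.metric))


# Constructed sample routes (not the masked values from the table above).
COMMANDS = [
    "route ADD 0.0.0.0 MASK 0.0.0.0 192.0.2.1 METRIC 10",              # default route
    "route ADD 198.51.100.0 MASK 255.255.255.0 192.0.2.2 METRIC 1",    # network route
    "route ADD 198.51.100.0 MASK 255.255.255.0 192.0.2.4 METRIC 291",  # same network, worse metric
    "route ADD 198.51.100.77 MASK 255.255.255.255 192.0.2.9 METRIC 11",  # host route
]
TABLE = [parse_route_add(c) for c in COMMANDS]

if __name__ == "__main__":
    for dest in ("198.51.100.77", "198.51.100.5", "203.0.113.9"):
        route = lookup(TABLE, dest)
        print(f"{dest:15} -> via {route.gateway} ({route.network}, metric {route.metric})")
```

The host route is chosen for 198.51.100.77 even though its metric (11) is worse than the network route's (1), so when reviewing a routing table, unexpected host routes and other very specific entries deserve a look before the metrics do.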



-DR

Monday, July 25, 2011

Basics of Router, IOS and Gateway

Router

A router is a computer or a device used for connecting multiple networks. This means it has multiple interfaces that each belong to a different IP network.

It also has components such as RAM, ROM and a processor, like a computer's CPU.
Basically, when a router receives an IP packet on one interface, it determines which interface to use to forward the packet to its destination address.
  • Used for packet switching and packet filtering.
  • It also determines the best path to send packets.
  • It never forwards broadcasts by default.

The router receives a packet that is encapsulated in one type of data link frame, such as Ethernet, and while forwarding the packet it encapsulates it in a different frame, such as PPP (Point-to-Point Protocol).

Many vendors/OEMs (Original Equipment Manufacturers) manufacture routers nowadays:

CISCO, D-LINK, DATASYS, HUAWEI etc.
A sample Cisco Router

Router Interfaces

There are many interfaces in a router; the physical interface is known as WIC-2T (WAN Interface Card).

In the case of leased line connections, a modem can be connected through this interface by the serial V.35 cable (DTE smart DB60 serial cable), as shown in the picture below.
WIC Card

Serial Cable

A serial cable connected to the router's serial port provides administrative terminal access, which can be used for configuring the router.

There are many types and series of routers. For higher series of routers, i.e. core routers, another interface used is the STM card (STM-1, STM-4, STM-16 and so on) for fiber connectivity.

Fig: STM-1 CARD

Typically, a router is represented in a network diagram with a symbol as shown below:


IOS

Internetwork Operating System (IOS) is the OS used in routers. Basically, IOS manages the hardware and software resources of the router, including memory allocation, processes, security and file systems.

  • It provides privilege levels for access to different commands.
  • It provides the interface between user and hardware, enabling the user to execute commands to configure and manage the devices.
  • It provides connectivity, modularity, reliability through network redundancy, and security policies.
  • The IOS is stored in flash memory and can be updated when needed.
  • It carries network protocols and functions.
  • Connecting high-speed traffic between devices.
  • Routers are network layer (L3) devices.
 
Flash Memory Card of Router

NVRAM: Non Volatile RAM. 

The "enable" password or the "enable-secret" password is stored in the startup configuration file in the nonvolatile RAM (NVRAM). The password recovery procedure involves booting the router while ignoring the startup configuration file in the NVRAM.

Routers come to market in different series, as per the requirement and sizing of the network.
Below are some sample series:


Configuring Router (Cisco) for example:
If you need to configure your router from CLI (Command Line Interface) mode, you need to enter the enable command first.

Router>enable (Enter)
Output:

Router#

Then type

Router#config t

or

Router#configure terminal


If you type a question mark (?) at the prompt, you will get all the commands available.


Basic Routing:
  • Routing is the process of transferring data from one local area network to another local area network.
  • Bridge is a network connection that connects two or more network segments and shares traffic as necessary according to hardware addresses. A bridge is a layer two device (data link).
  • Router is a device that receives and forwards traffic according to software addresses. A router is a layer three device according to OSI model.
  • Network interface is a software object that connects to a physical device such as a modem or network card (LAN card).
  • Demand-dial interfaces - these are interfaces such as VPN, persistent dial-up connection and PPPoE connection. New demand-dial interfaces are added through the Network Interfaces node.
  • Windows includes a software router called Routing and Remote Access Service. This is a multiprotocol router capable of LAN-to-LAN, LAN-to-WAN, VPN and NAT routing through IP networks. It also supports routing features such as IP multicasting, demand-dialing, packet filtering, DHCP relay, and built-in support for RIP 2 and OSPF.
  • NAT stands for network address translation and is a service that is part of a router, in which the header information in IP datagrams is modified by the router before being sent out. This allows many computers with private addresses to share a single public IP and still be able to surf the net.
  • Switching: LAN switching is a form of packet switching in a local area network. It is a hardware-based method and packets are sent where they are needed. It is a collision-free and reliable technique. There are many kinds, like layer 2, layer 3, layer 4 and multi-layer switching [combination of all layers].




Basic router used for Routing Network

Gateway:

A gateway is a network node or an interface of a router in a computer network. It uses the packet-switching technique for data transmission.

Network gateways, or protocol translation gateways, can perform protocol conversions to connect networks with different network protocol technologies.
A gateway is responsible for routing data to another network for communication. It can also stop traffic at its interface.

It operates at layer 3 of the OSI model. All data inflows and outflows are managed by it. The gateway gives us access to different networks, so that we can send email, browse web pages, buy online, chat online, etc.

On the basis of data flow and direction, gateways can be further divided into unidirectional and bidirectional gateways, for either one direction or both directions.
Sometimes we hear the term default gateway. The default gateway is set to the router address, xx.xxx.xx.1, at many places. In larger networks, a network gateway typically acts as a proxy server and a firewall.

A router has many algorithms to work with. These routing algorithms help routers work as intended.

Below are the routing algorithms:

Static and Dynamic: Static routes are manually configured and modified, whereas dynamic routes dynamically maintain the routing table as per the network and the changes that occur within the network.

Flat and Hierarchical: In a flat routing system, the routers are peers of all other routers. In a hierarchical routing system, some routers form a routing backbone or area.

Host-intelligent and Router-intelligent: In host-intelligent routing, the routing algorithms let the source end system determine the entire route to a destination (source routing). Most routing algorithms assume that hosts know nothing about the network, and the path determination process is done by routing algorithms called router-intelligent.


-DR







Tuesday, March 1, 2011

Data Packet

Data Packet:

Packet

A packet is nothing but a small or large segment of a message being transferred from one host to another over a digital communication link. A host may be a computer, a mobile device, etc.

Data is sent as packets over a packet-switched network. In a packet-switching network, a message is sent by dividing it into smaller packets, each given a unique number so it can be identified at the receiving end.

What is there inside a packet?

Inside a packet there might be addresses (source, destination), length, priority, payload, hop limit, error detection and correction etc.

An example is the IP packet. An IP packet consists of a header and a payload, where the payload contains the primary data/information.

So just keep in mind the basic thing. Nothing to be serious. If you need further information you can study other forums and sites on those.

Packets that pass through a network are called network traffic.

Please let me know if any suggestion is there.

Thanks!

 ***

-DR

 

 


Tuesday, February 1, 2011

Network Rack

Network/Server Rack:

Today we will discuss one of the important items in a networking environment, i.e. the network rack.

A network rack is a chassis or a frame or an enclosure made of metal that holds and organizes computer network devices such as switches, routers, storages, servers etc. Racks come with doors and lock to prevent unauthorized access.

One of the advantages of rack mounting is that several devices can be placed into one place to manage it effectively.

A typical full stack rack size is 42U, which is around 6 ft in height. Other sizes include 36U, 29U etc.

The (vertical) height of one U in a rack is 1U = 44.45 mm = 1.75 inch.

Similarly, average racks come with widths such as 36’, 42’, 50’.

Many racks come fully assembled, and some come unassembled, to be assembled later at your place. Small size racks come for rack mounting.

These racks come with other accessories such as patch panel, power distribution unit (PDU), clamps, bolts, cooling fans etc. They also provide cable management and allow optimized airflow for increased operational efficiency and extended equipment life.

Patch Panel

A patch panel is there to manage the cables in the network rack. It comes with multiple jacks that connect cables and route them where they need to go. With the help of proper cable labeling or tagging, all the cables should be terminated at the patch panel. The labeling not only saves a lot of time during network troubleshooting but also saves costs during any change.

Blanking panel

Blanking panels are pieces of either plastic or metal that are used to fill a blank spot in a rack which is not currently in use. Blanking panels sometimes help improve airflow in a rack.

Railing

Rails are attached to both sides of a server or device, allowing it to slide into the server rack in a to-and-fro motion for easy handling.

Clamps/ side Bars

There is a cable management bar in the rack that has a slot for each cable for routing the cable from source to destination.

So this was just an overview of racks and why we use them. 

***

If you have any comments and suggestions please post below. Thanks!

Below are some reference images 

Image Source: Amazon

***
-DR




 

Friday, January 7, 2011

Basics of Proxy Server

Proxy Server

A proxy server is a piece of hardware or software that is used to mask or hide the real IP address of the user from the Internet.

Your IP address sends information from your computer to the internet. When you browse the Internet, you compromise your information.

You may have wondered why certain sites know where you are, or how advertisements on eCommerce sites work. This is because the IP is traceable.
  • Usually, companies track your IP address for advertisement purposes.
  • It works as a gateway between your computer and the Internet.
  • Using a proxy server will protect your IP so it is not traceable for [Windows OS] only.
Besides the above, it is used for the following major purposes:
  • To keep the machines behind it anonymous.
  • To speed up access to resources or cache.
  • Web proxies are commonly used to cache web pages from a web server.
  • To block unwanted websites.
  • To log or audit usage statistics or internet usage reports.
  • To scan outbound content and transmitted content and bypass security.
  • It provides a secure gateway to the internet.
  • Because the proxy server has two network interface cards, the LAN is secured from unauthorized users attempting to access the private network. Only one point of contact exists between the private network and the Internet.
  • Proxy Server 2.0 provides a dynamic packet filtering feature that enables blocking specific packets at a port.



FORWARD PROXY:

It sends requests forwarded from the user or client system to a web server. Forward proxies evade the firewall and increase security.

REVERSE PROXY:

A reverse proxy is a server that is used to handle all the requests at server end. 

Used for:

1. Encryption or SSL (Secure Socket Layer) acceleration
2. Load Balancing
3. Security
4. Compression

Benefits of Proxy Server

Proxies can be transparent or nontransparent. A transparent proxy does not change the request beyond what is required for proxy authentication and identification; in other words, clients need not be aware of the existence of the proxy. 

A nontransparent proxy changes the request in order to provide some added service to the user agent, such as media type transformation, protocol reduction or anonymity filtering. 

In organizations, proxy servers are generally used for traffic filtering (web filters) and performance improvement (load balancers).

-DR

Tuesday, January 4, 2011

Basics of a Firewall

Basics about Firewall

It is a part of a computer network or system that blocks unauthorized access and attacks in a communication. It can be installed as either software or hardware. It is a device which permits or denies network transmissions or traffic. It is the first fence in the defense of a network.
  • Basically, firewalls protect inside networks from unauthorized access by users on an outside network.
  • It can permit or block any port number or web application.
  • A firewall can also protect inside networks from each other, say, by keeping a Human Resources network separate from a User network.
  • A firewall typically establishes an obstacle between a trusted internal network and an untrusted external network such as the web.
  • Basically, a firewall is there to isolate one network from another.
If you have network resources that need to be available to an outside user, such as a web or FTP server, you can place these resources on a separate network behind the firewall, called a demilitarized zone (DMZ). The firewall allows limited access to the DMZ, but because the DMZ only includes the public servers, an attack there only affects the servers and does not affect the other inside networks.

Demilitarized Zone

A demilitarized zone, or DMZ, is a perimeter network that adds an additional security layer protecting an organization's internal local area network from untrusted traffic. It is ideally set between two firewalls.

The prime advantage of using a DMZ is that it gives the internal network strong security layers by restricting access to sensitive data and servers.

Firewall

1. Basic firewall placement:

In a typical firewall configuration, a firewall is placed between the Internet and the organization's servers or office computers. The firewall will block all unauthorized inbound and/or outbound traffic.

2.  Firewall with Demilitarized Zone (DMZ) Configuration

In this scenario, server "A" has special requirements which might make it more vulnerable to intrusion. For additional security, Server "A" is placed on a separate network segment with its own firewall rules. If a hacker manages to compromise server "A", the hacker will still not be able to gain access to the other servers because they are on a different network segment protected by their own firewall rules.
The goal of a DMZ is to add an extra layer of security to an organization's local area network and critical resources. This functions as a small, isolated network positioned between the Internet and the private network.
DMZ firewall

3. Firewall with Fail-over Configuration

In this scenario, a backup firewall is installed. The backup device will continuously monitor the "health" of the primary firewall. If the primary firewall fails, the backup firewall will assume the IP address of the failed primary firewall and take over the firewall duties. You might choose to install a backup firewall if your Internet service is mission critical and you cannot tolerate extended periods of downtime due to hardware failure.


There are also security policies that can be applied here, because a security policy determines which traffic is allowed to pass through the firewall to access another network.

The policies include:
  •   Permitting or denying by access list.
  •   Applying HTTP, HTTPS or FTP filtering.
  •   Applying a QoS policy.
  •   Applying connection limits and TCP controls.
  •   Applying NAT to hide IP addresses.
  •   Using AAA [authentication, authorization and accounting].
Firewall hardware devices:

Hardware devices are also used to provide firewall service,
such as Cisco ASA server or hot bricks.




Two types of firewall dominate the market today.

1. Application Proxies.
2. Packet filtering gateways.

Windows Firewall:
It is Microsoft software that acts as a firewall or packet filter. It is present and enabled by default in Windows 7/8/10 and other products.

Firewall types:
Hardware (Network): Protects the local network from unauthorized access from outside.
Software (Application): To be installed on a computer or client system.

Both software and hardware firewalls can also be configured at user level to strike a compromise between security and convenience.

A firewall works based on the "Access Control List".

ACL: Access Control List
  • This is a list of conditions that decides/filters packet movement, i.e. inbound and outbound traffic.
  • It categorizes the packets.
There are two types:
  1. Standard Access List
  2. Extended Access List
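How an access list filters traffic in the DMZ layout described earlier, as an added example that is not part of the original post. It assumes Cisco-style semantics, which the post does not spell out: rules are checked top to bottom, the first match decides, a packet that matches nothing is denied, a standard list matches on source address only and an extended list also matches destination, protocol and port. All addresses and rule sets are constructed, and evaluate and shadowed_rules are hypothetical helper names.

```python
import ipaddress
from typing import List, NamedTuple, Optional, Tuple


class Rule(NamedTuple):
    action: str                   # "permit" or "deny"
    src: str                      # source network in CIDR form
    dst: str = "0.0.0.0/0"        # extended lists only; standard lists keep the default
    proto: Optional[str] = None   # "tcp", "udp", or None for any
    dport: Optional[int] = None   # destination port, or None for any


class Packet(NamedTuple):
    src: str
    dst: str
    proto: str
    dport: int


def matches(rule: Rule, pkt: Packet) -> bool:
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.proto in (None, pkt.proto)
            and rule.dport in (None, pkt.dport))


def evaluate(acl: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of deciding rule); None index = implicit deny."""
    for i, rule in enumerate(acl):
        if matches(rule, pkt):
            return rule.action, i
    return "deny", None


def covers(a: Rule, b: Rule) -> bool:
    """True if every packet matching b also matches a."""
    return (ipaddress.ip_network(b.src).subnet_of(ipaddress.ip_network(a.src))
            and ipaddress.ip_network(b.dst).subnet_of(ipaddress.ip_network(a.dst))
            and a.proto in (None, b.proto)
            and a.dport in (None, b.dport))


def shadowed_rules(acl: List[Rule]) -> List[Tuple[int, int]]:
    """(rule, earlier rule) pairs where the later rule can never fire."""
    found = []
    for j, later in enumerate(acl):
        for i in range(j):
            if covers(acl[i], later):
                found.append((j, i))
                break
    return found


# Constructed extended list for traffic arriving from the Internet:
# DMZ web server 192.0.2.10, inside LAN 10.10.0.0/16.
OUTSIDE_IN = [
    Rule("permit", "0.0.0.0/0", "192.0.2.10/32", "tcp", 443),
    Rule("permit", "0.0.0.0/0", "192.0.2.10/32", "tcp", 80),
    Rule("deny", "0.0.0.0/0", "10.10.0.0/16"),
    Rule("permit", "203.0.113.0/24", "10.10.5.20/32", "tcp", 22),  # placed too late
]

# Constructed standard list: source address is the only criterion.
STANDARD = [Rule("deny", "203.0.113.0/24"), Rule("permit", "0.0.0.0/0")]

if __name__ == "__main__":
    print(evaluate(OUTSIDE_IN, Packet("198.51.100.7", "192.0.2.10", "tcp", 443)))
    print(evaluate(OUTSIDE_IN, Packet("198.51.100.7", "192.0.2.10", "tcp", 25)))
    print(shadowed_rules(OUTSIDE_IN))
```

Rule order is part of the policy: the last rule in OUTSIDE_IN never takes effect because the broader deny above it matches first, which is the kind of drift a shadowed-rule check catches during a firewall review.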
A firewall protects us from the attacks below:
  • IP Spoofing
  • Password Attack
  • Man in the middle attack
  • Network packet sniffing
  • Denial of service
  • Software exploitation
Besides the above attacks, we also get benefit in other ways as mentioned below;

  • Limited access of ports from outside network to internal LAN.
  • We can hide our Internal IPs from the external world. Actual IP addresses will be unknown to hackers.
  • One can limit the access level of critical servers both from LAN and WAN.
  • Can allow the trusted users sitting outside to access the resources through VPNs.
  • Establish secured tunnels with other firewall for data access over VPN.
  • Block the IP addresses which are generating malicious traffic.

-DR



Network Scanning Tools

Network Scanning through Nmap and Nessus Network scanning is a process used to troubleshoot active devices on a network for vulnerabilities....