Network fault is the most common problem in weak current work, especially our weak current people often deal with the network, so how to carry out network investigation, quickly solve the problem? These basic techniques are essential. Let’s take a look.

First, network troubleshooting necessary

Why prerequisites? Because the network troubleshooting described here is not just about the use of a small command, but a set of systematic methods, without these conditions, it is difficult to use flexibly in the project, so let’s first look at these basic conditions.

1. Understand basic network communication devices and their corresponding OSI layers

Like switch and layer 3 switches, routers, firewalls, these most basic network equipment should have some knowledge, especially their corresponding OSI layers as well as the role, such as common layer 2 switches correspond to the data link layer of the OSI seven layer model, it can be isolated from collision domain, at the same time can through the virtual local area network (VLAN) to isolate the broadcast domain, Layer 2 switches use layer 2 addresses, namely MAC addresses, to forward data frames. Another example is the router, which corresponds to the network layer and can provide routing addressing functions and so on.

2. Understand the basic architecture of the SME network

Generally, the basic architecture of small and medium-sized enterprise network is as follows: access layer — convergence layer — core layer — network exit. Here is a picture:

If you have a large network environment, you have both an aggregation layer and a core layer, like here, if you have a small network, you don’t have an aggregation layer, but the idea is the same. In fact, the following troubleshooting is for the user PC, in fact, the data center network troubleshooting is similar. No matter how complicated the network environment is, it’s pretty much the same thing as this.

3. Know common network debugging commands

If the user is running a Windows operating system, the following commands are important:

These commands are basic commands used in network troubleshooting and checking.

4. Be aware of an important principle of network troubleshooting

Network troubleshooting is all about figuring out what’s wrong with the network, so you have to know where the data is going.

So the important rule is: Pay attention to where the data is going.

The following network troubleshooting idea is actually through tracking the trend of data step by step to narrow the network fault point, therefore, always remember this point is very important! That’s why it’s important to give you an idea of the basic architecture of a small and medium enterprise network.

Two, the basic idea of network troubleshooting

Here’s the basic idea, and this should be pretty much what most people on the Internet are writing.

  • Check whether the physical link is faulty
  • Check whether the local IP address, route, and DNS Settings are correct
  • Test the patency of the gateway or router. Test the gateway and then the router, level by level
  • Test the patency of ping public IP addresses (remember several external IP addresses)
  • To test the patency of DNS, ping the web address directly

Detailed steps of network troubleshooting

In order to better describe the process and thinking of network troubleshooting, suppose we have the following network environment:

Next, we will take the above network environment as an example to introduce our network troubleshooting ideas in detail, how to do each step, why to do each step and what information we can get after doing this, and will make an explanation.

1. Check whether the physical link is faulty

This step is the first step THAT I personally think must be done when doing network errors! Often listen to friends say, the leader of the computer can not get on the Internet, need to go to the wrong row, do for a long time, also can not find the problem, finally after several times of despair, unexpectedly found that the network line is not connected to the computer. This is really a tragedy, wasted a lot of time not to say, such a network arrangement of wrong ideas is wrong, so clear thinking is very important to avoid detachment.

Because maybe not everyone can go to the machine room to check the wiring condition of the switch, so in this step, the focus of our investigation should be placed in the following figure:

In this step, the following points need to be considered:

  • Make sure there is no problem with the computer’s own network card
  • Check whether the network cable is faulty (check the rj45 connector, network cable connection, and network cable quality).
  • Switch connected to the machine (if you can go to the machine room to check)

If all the above checks are cleared, it is the other devices in the network environment that are faulty. Troubleshooting in this area is relatively simple, because it only involves the connection of physical links.

2. Check whether the local IP address, route, and DNS Settings are correct

The first step above, the physical link investigation is no problem, that is to say, after the computer is connected to the network cable, the computer has a reaction, can identify, but the network is still out of order, came to this step, you should first pay attention to the scope of the computer Settings above.

In this step, we focus on:

(1) IP address setting

If DHCP automatically obtains IP addresses, you only need to check whether the Settings of the local host are enabled and whether related services are enabled. If you are using static IP, you must pay attention to the wrong IP address (given by network administrators) and the wrong subnet mask for the IP address (this is important, many people use static IP incorrectly).

It is also worth mentioning that when assigning IP addresses to computers, it is best to bind MAC addresses to avoid IP conflicts caused by private IP address changes.

Generally, you can use the following command to view:

(2) Route setting

For servers and PCS, the default gateway is set. For the router itself or layer 3 switches, it is a matter of setting up static or dynamic routes.

(3) the DNS Settings

The main thing is to make sure that the DNS server address does not provide DNS service or if there is a failure, you need to set a correct DNS server address or automatically obtain. On Windows you can view it with the following command:

3. Test the patency of the gateway or router

Test the gateway and then the router, level by level.

In the above network environment, when the network is normal, we run the tracert -d command on the computer and get the following result:

Through this test result, we can clearly know the computer when accessing the Internet, the trend of data:

According to this data trend, we can get an important idea, is according to the data trend to detect the patency of the network! Therefore, we can divide it into two steps:

(1) First test the patency of the computer to the gateway 192.168.2.254

We can ping the gateway address ourselves from our own computer to see if there is a response

Generally, such a judgment method is relatively fast, but sometimes, no matter how the ping fails, then there may be the following situations:

  • Ping is disabled on the gateway. Procedure
  • The gateway interface or gateway device is faulty. Procedure

For A, ping restrictions are rarely performed on these devices. There is really no great need to do so, except, of course, for those with very strict requirements on network security. Ping the 192.168.2.254 gateway, then ping 172.16.13.1 to make sure there are no problems connecting the computer to the entire gateway.

If the ping fails, I recommend that you run the following command on the PC: arp -a: indicates the gateway address and the MAC address of the gateway.

That is, check whether the computer itself has obtained the MAC address of the gateway, obviously, if there is no MAC address of the gateway, it is impossible to ping through the gateway, after eliminating the problem of the front computer Settings, you can guess that there is a problem with the gateway equipment, then you can contact the network engineer to test the gateway equipment.

(2) Test the patency of other routers

There is no problem in the previous step, that is, the communication between the computer and the gateway is normal, and then test the patency of the gateway to the egress router:

Here, we can use the tracert -d command:

Of course, if there is no connection, then this may be the case:

  • The physical link between the gateway and router is faulty
  • Configuration issues between the gateway device and the router, such as routing protocol, interface configuration, etc

Of course, if you are a network engineer, you should immediately check the status of the device to see if there is a problem with the device.

The above steps to complete, assuming there is no question of your export router Settings, such as NAT Settings, such as the default route there is no problem, then we can be roughly, a basic network communication is normal (at least on your computer and export router communication no problem), we’re going to see what the computer can access the Internet.

4. Test the patency of ping public IP addresses (usually remember several external IP addresses)

The communication between the local LAN and the external network (public network) is normal. The communication between the local LAN and the external network (public network) is normal.

In order to eliminate the influence of DNS (in case your DNS Settings are not correct again), I suggest ping some public DNS server addresses that are not prohibited from ping. For example 114.114.114.114 and 8.8.8.8:

After that, you can basically determine that there is no problem with the network. Can ping TongWai nets, indicate that the network is no problem, of course, the export of placing a firewall does not mention here, in fact, the idea is consistent, but, you need to consider is that you have access to the data by the firewall to filter, filtering, when you go out is the data or data filtering when I come back? Since firewall setup is also involved, I won’t mention it here, but it is still important to note.

5, test the patency of DNS, you can directly ping the website address

As title, can ping the website address directly, look have echoed the IP address, as for the impassability is another matter, as long as it can echo the IP address, so DNS is no problem, but still want to say about the nslookup this command here, this is a very useful command, I myself in the network mistake, basically is used:

It can also be used like this:

The nslookup command provides two functions:

  • Test your DNS server to see if there is a problem
  • Without considering whether the DNS server is intelligent, you can judge the DNS server based on the IP address speed displayed in the command output

So you can take full advantage of the nslookup command.

Therefore, it is very important to master the idea of network troubleshooting and some basic commands. Although the use of a single command is not particularly powerful, it can solve many problems when combined. Warner cloud technology can help you answer more server related questions, welcome to consult the official website technical customer service!