Monitoring Troubleshooting TCP/IP Chapter 3. Objectives for this Chapter Troubleshoot TCP/IP addressing Diagnose and resolve issues related to incorrect.


1 Monitoring Troubleshooting TCP/IP Chapter 3

2 Objectives for this Chapter
- Troubleshoot TCP/IP addressing
- Diagnose and resolve issues related to incorrect configuration
- Monitor network traffic
- Troubleshoot connectivity to the Internet

3 In This Chapter
- Analyzing Traffic Using Network Monitor
- Troubleshooting TCP/IP Connections

4 To Complete the Exercises:
- Physically networked two computers.
- Performed a Windows Server 2003 installation with default settings on both computers. The computers should be named Computer1 and Computer2.
- Assigned Computer1 a static address of 192.168.0.1/24.
- Configured Computer2 to obtain an address automatically.
- Assigned Computer2 an alternate configuration address of 192.168.0.2/24.

5 Two Versions
The basic version is shipped with Windows Server 2003, and the full version is shipped with Microsoft Systems Management Server.

6 Understanding Network Monitor
Network Monitor is a software-based traffic analysis tool that allows a user to perform these tasks:
- Capture frames directly from the network
- Display and filter captured frames, immediately after capture or at a later time
- Edit captured frames and transmit them on the network (full version only)
- Capture frames from a remote computer (full version only)

7 What is a Frame?
A frame is an encapsulation of layer 2, or network interface–layer, data. These encapsulations include both network interface–layer data (such as Ethernet data) and higher-layer data from protocols such as Address Resolution Protocol (ARP), IP, Transmission Control Protocol (TCP), and Domain Name System (DNS). Note the table on page 3-4.

8 Exploring Network Monitor Components Network Monitor is composed of an administrative tool called Network Monitor and an agent called the Network Monitor Driver. Both components must be installed for you to capture, display, and analyze network frames.

9 How Network Monitor Works Installing the Network Monitor Driver When you install Network Monitor, the Network Monitor Driver is installed automatically on the same computer.

10 What Network Monitor collects
- The source address of the computer that sent the message
- The destination address of the computer that received the frame
- Header information of each protocol used to send the frame
- The data (or a portion of it) being sent to the destination computer

11 Exam Tip You can use Network Monitor to find out certain details—such as the MAC address of a network interface card (NIC), the globally unique identifier (GUID) of a client computer, or the port used by a protocol—that might have been lost with documentation.

12 Use Network Monitor to capture data
Analyze captured data
Summary Pane:
- Frame
- Time
- Source MAC Address
- Destination MAC Address
- Protocol
- Description

13 Looking Within Frames
+ Frame: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 1576; Total IP Length = 236; Options = No Options
+ UDP: Src Port: NETBIOS Datagram Service (138); Dst Port: NETBIOS Datagram Service (138); Length = 216 (0xD8)
+ NBT: DS: Type = 17 (DIRECT GROUP)
+ SMB: C transact, File = \MAILSLOT\BROWSE
+ Browser: Workgroup Announcement [0x0c] WORKGROUP

14 Network Monitor and the OSI Model The final three protocols shown in the previous frame example are Microsoft network protocols that are not part of the standard TCP/IP stack.
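
The layered decode on slide 13 can be reproduced from raw bytes. The following is an added example, not part of the original presentation and not Network Monitor's parser code: it decodes the Ethernet, IP and UDP layers of a constructed frame and rejects frames whose length fields disagree with the bytes actually captured. The MAC and IP addresses and all function names are assumptions.

```python
import socket
import struct

ETYPES = {0x0800: "Internet IP (IPv4)", 0x0806: "ARP"}
IP_PROTOS = {1: "ICMP", 6: "TCP", 17: "UDP - User Datagram"}
PORTS = {138: "NETBIOS Datagram Service"}

def build_sample_frame():
    """Constructed frame carrying the header values shown on slide 13."""
    eth = bytes.fromhex("ffffffffffff001122334455") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 236, 1576, 0, 128, 17, 0,
                     socket.inet_aton("192.168.0.1"),
                     socket.inet_aton("192.168.0.255"))
    udp = struct.pack("!HHHH", 138, 138, 216, 0)
    return eth + ip + udp + bytes(208)  # 208 zero bytes stand in for NBT/SMB

def port_name(port):
    return "%s (%d)" % (PORTS[port], port) if port in PORTS else str(port)

def parse_frame(frame):
    """Return one summary line per layer; ValueError on bad lengths."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (etype,) = struct.unpack("!H", frame[12:14])
    lines = ["ETHERNET: EType = %s" % ETYPES.get(etype, hex(etype))]
    if etype != 0x0800:
        return lines
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IP header")
    ver_ihl, _tos, total, pkt_id, _frag, _ttl, proto = struct.unpack("!BBHHHBB", ip[:10])
    ihl = (ver_ihl & 0x0F) * 4
    # Never trust length fields: check them against the bytes actually captured.
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total <= len(ip):
        raise ValueError("inconsistent IP header lengths")
    opts = "No Options" if ihl == 20 else "%d bytes" % (ihl - 20)
    lines.append("IP: Protocol = %s; Packet ID = %d; Total IP Length = %d; "
                 "Options = %s" % (IP_PROTOS.get(proto, proto), pkt_id, total, opts))
    if proto != 17:
        return lines
    udp = ip[ihl:total]
    if len(udp) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, ulen = struct.unpack("!HHH", udp[:6])
    if not 8 <= ulen <= len(udp):
        raise ValueError("UDP length exceeds IP payload")
    lines.append("UDP: Src Port: %s; Dst Port: %s; Length = %d (0x%X)"
                 % (port_name(sport), port_name(dport), ulen, ulen))
    return lines
```
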

15 The OSI Model - TCP/IP
OSI model                        TCP/IP model
Layer 7  Application Layer       Application Layer
Layer 6  Presentation Layer      Application Layer
Layer 5  Session Layer           Application Layer
Layer 4  Transport Layer         Transport Layer
Layer 3  Network Layer           Internet Layer
Layer 2  Data-Link Layer         Network Interface Layer
Layer 1  Physical Layer          Network Interface Layer

16 Exam Tip For the exam, remember that NetBT is an example of a session-layer interface.

17 Adding Parsers to Network Monitor
The process of reading, analyzing, and describing the contents of frames is known as parsing. In Network Monitor, parsers are .dll files that are responsible for breaking down and reading messages from various protocols. By default, Network Monitor includes more than 20 parsers that are responsible for parsing over 90 protocols.

18 Adding New Parsers
You can extend the functionality of Network Monitor by adding new parsers.
- First, add the .dll to the WINDOWS\System32\Netmon\Parsers folder, which is where all parsers for Network Monitor are stored.
- Second, add an entry for the new parser and protocol in the Parser.ini file. This file, which includes entries for all parsers and protocols used by Network Monitor, is stored in the WINDOWS\System32\Netmon folder.

19 Exam Tip On the exam, you will need to remember the two steps necessary for adding a new parser to Network Monitor. In addition, you will need to know the precise names and locations of both the Parser.ini file and the Parsers folder. Remember, the Parser.ini file is in the \System32\Netmon folder, which is the parent folder of the Parsers folder.

20 Practice: Using Network Monitor
- Exercise 1: Installing Network Monitor (Page 3-13)
- Exercise 2: Creating a Network Capture in Network Monitor (Page 3-14)
- Exercise 3: Saving a Frame to a Text File (Page 3-15)

21 Troubleshooting TCP/IP Connections Faulty TCP/IP Configuration IPCONFIG

22 Network Diagnostics Network Diagnostics is a graphical troubleshooting tool that provides detailed information about the local computer’s networking configuration.

23 Finding Network Diagnostics
- On the Manage Your Server, select More Tools.
- Then select Help and Support Center Tools.
- Finally, you will find Network Diagnostics.

24 What Network Diagnostics does
By default, Network Diagnostics collects information about only three categories:
- The Internet Service category: Microsoft Outlook Express Mail, Microsoft Outlook Express News, and Internet Explorer Web Proxy configuration
- The Computer Information category: Registry parameter settings for the computer system, operating system, and operating system version
- The Modems and Network Adapters category: Registry parameter settings for modems, network adapters, and network clients

25 Netdiag
Netdiag is a command-line utility that you must install manually from the Windows Server 2003 installation CD. Table 3-3 lists the Netdiag tests (Page 3-23).

26 Troubleshooting Connections Using Ping and PathPing
PathPing is a tool that detects packet loss over multiple-hop trips. PathPing uses ICMP.

27 Troubleshooting steps: Using Ping
- Ping 127.0.0.1
- Ping Local Host Address
- Ping Default Gateway
- Ping Remote Address

28 Troubleshooting with Tracert Tracert works by sending ICMP echo requests to an IP address, while incrementing the Time to Live (TTL) field in the IP header, starting at 1, and analyzing the ICMP errors that are returned. Tracert prints out an ordered list of the routers in the path that returned these error messages.

29 Example of Tracert To Infogem:

30 Exam Tip You need to know the difference between Tracert and PathPing on the exam. Use Tracert to quickly determine where a break occurs in the path of connectivity to a remote location. PathPing is more useful when you have connectivity to a site but are experiencing erratic packet loss or high delay. In these cases, PathPing tells you exactly where packet loss is occurring.

31 Troubleshooting Using the ARP Tool
If you can ping both the loopback address and your own IP address, but you cannot ping a computer on the local subnet, the next step is to check the ARP cache for errors. Some ARP switches include:
  -a  Current ARP entries
  -g  Same as -a
  -d  Deletes the host specified by inet_addr
  -s  Adds static address
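
One way to check the ARP cache for errors, as an added example that is not part of the original presentation: it reads arp -a output and reports unresolved entries, static entries to verify by hand, and any single MAC address mapped to more than one IP address (the pattern left by a wrong static entry or a poisoned cache). The sample output is constructed and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample of Windows `arp -a` output (not captured from a real host).
SAMPLE = """\
Interface: 192.168.0.1 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.0.2           00-0c-29-aa-bb-01     dynamic
  192.168.0.254         00-0c-29-aa-bb-02     dynamic
  192.168.0.7           00-0c-29-aa-bb-02     dynamic
  192.168.0.9           00-00-00-00-00-00     invalid
  192.168.0.20          00-0c-29-aa-bb-03     static
  192.168.0.255         ff-ff-ff-ff-ff-ff     static
"""

ENTRY = re.compile(
    r"^\s*(\d+\.\d+\.\d+\.\d+)\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(\w+)\s*$", re.I)

def parse_arp(text):
    """Yield (ip, mac, type) for each cache entry line; headers are skipped."""
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            yield m.group(1), m.group(2).lower(), m.group(3).lower()

def is_group(mac):
    """Broadcast and multicast MACs have the low bit of the first octet set."""
    return int(mac[:2], 16) & 1 == 1

def audit_arp(text):
    """Return findings as (kind, detail) tuples, sorted for stable output."""
    findings, by_mac = [], defaultdict(list)
    for ip, mac, kind in parse_arp(text):
        if kind == "invalid" or mac == "00-00-00-00-00-00":
            findings.append(("unresolved", ip))
        elif is_group(mac):
            continue  # broadcast/multicast mappings are expected to be shared
        else:
            by_mac[mac].append(ip)
            if kind == "static":
                findings.append(("static-verify", "%s -> %s" % (ip, mac)))
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            findings.append(("duplicate-mac",
                             "%s claimed by %s" % (mac, ", ".join(sorted(ips)))))
    return sorted(findings)
```

On a live host the input would be the text printed by arp -a; a flagged entry can then be cleared with the -d switch listed above and the address re-resolved.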

32 Practice: Running Network Diagnostics and Netdiag
- Exercise 1: Running Network Diagnostics (Page 3-26)
- Exercise 2: Installing Windows Support Tools
- Exercise 3: Running Netdiag from Across the Network (Page 3-28)

33 Summary
- Case Scenario Exercise (Page 3-31)
- Exam Highlights: Key Points, Key Terms (Page 3-34)

