Manual:Troubleshooting tools part 1

Troubleshooting tools

Before we look at the most significant commands for connectivity checking and troubleshooting, here is a little reminder on how to check the host computer's network interface parameters on .

Microsoft Windows has a whole set of helpful command-line tools that help with testing and configuring LAN/WAN interfaces. We will look only at commonly used Windows networking tools and commands.

All of the tools are run from the Windows terminal. Go to Start/Run and enter "cmd" to open a Command window.

Some of the commands on Windows are:

ipconfig – used to display the TCP/IP network configuration values. To open it, enter "ipconfig" in the command prompt.

C:\>ipconfig 
Windows IP Configuration 
Ethernet adapter Local Area Connection:    
Connection-specific DNS Suffix  . : mshome.net    
Link-local IPv6 Address . . . . . : fe80::58ad:cd3f:f3df:bf18%8    
IPv4 Address. . . . . . . . . . . : 173.16.16.243    
Subnet Mask . . . . . . . . . . . : 255.255.255.0    
Default Gateway . . . . . . . . . : 173.16.16.1 

There are also a variety of additional functions for ipconfig. To obtain a list of additional options, enter "ipconfig /?" or “ipconfig -?”.


netstat – displays the active TCP connections and the ports on which the computer is listening, Ethernet statistics, the IP routing table, and statistics for the IP, ICMP, TCP, and UDP protocols. It comes with a number of options for displaying a variety of properties of the network and TCP connections; enter "netstat -?" to list them.

nslookup – a command-line administrative tool for testing and troubleshooting DNS servers. For example, if you want to know the IP address of "www.google.com", enter "nslookup www.google.com" and you will find that it has several addresses: 74.125.77.99, 74.125.77.104, 74.125.77.147.

netsh – a tool an administrator can use to configure and monitor Windows-based computers at a command prompt. It allows you to configure interfaces, routing protocols, routes and routing filters, and to display the currently running configuration.

Very similar commands are also available on Unix-like machines. Today, in most Linux distributions, network settings can be managed via a GUI, but it is always good to be familiar with the command-line tools. Here is the list of basic networking commands and tools on Linux:

ifconfig – similar to the ipconfig command on Windows. It lets you enable/disable network adapters, assign IP address and netmask details, and show the current network interface configuration.

iwconfig – like ifconfig and ethtool, but for wireless cards. It also lets you view and set the basic Wi-Fi network details.

nslookup – give it a host name and the command will return the IP address.

netstat – prints network connections, including port connections, routing tables, interface statistics, masquerade connections, and more. (netstat -r, netstat -a)

ip – shows/manipulates routing, devices, policy routing and tunnels on a Linux machine.

For example, check the IP address on an interface using the ip command:

$ ip addr show

You can add a static route using the following ip command:

ip route add {NETWORK address} via {next hop address} dev {DEVICE}, for example:

$ ip route add 192.168.55.0/24 via 192.168.1.254 dev eth1

The tools mentioned are only a small part of the networking tools available on Linux. Remember that if you want full details on the tools and command options, use the man command. For example, if you want to know all the options of ifconfig, enter the command man ifconfig in a terminal.


Check network connectivity

Using the ping command

Ping is one of the most commonly used and best-known commands. It is an administration utility used to test whether a particular host is reachable across an Internet Protocol (IP) network and to measure the round-trip time for packets sent from the local host to a destination host, including the local host's own interfaces.

Ping uses the Internet Control Message Protocol (ICMP) for echo request and echo response. Ping sends ICMP echo request packets to the target host and waits for an ICMP response. Ping output displays the minimum, average and maximum times taken for a ping packet to reach a specified system and return.

From PC:

Windows:

C:\>ping 10.255.255.4  
Pinging 10.255.255.4 with 32 bytes of data: 
Reply from 10.255.255.4: bytes=32 time=1ms TTL=61 
Reply from 10.255.255.4: bytes=32 time<1ms TTL=61
Reply from 10.255.255.4: bytes=32 time=1ms TTL=61
Reply from 10.255.255.4: bytes=32 time=1ms TTL=61
Packets: sent = 4, received = 4, lost = 0 (0% loss)
Approximate round trip times in milliseconds:
minimum = 0ms, maximum = 1ms, average = 0ms


Unix-like:

andris@andris-desktop:/$ ping 10.255.255.6 
PING 10.255.255.6 (10.255.255.6) 56(84) bytes of data. 
64 bytes from 10.255.255.6: icmp_seq=1 ttl=61 time=1.23 ms
64 bytes from 10.255.255.6: icmp_seq=2 ttl=61 time=0.904 ms 
64 bytes from 10.255.255.6: icmp_seq=3 ttl=61 time=0.780 ms 
64 bytes from 10.255.255.6: icmp_seq=4 ttl=61 time=0.879 ms 
^C 
--- 10.255.255.6 ping statistics --- 
4 packets transmitted, 4 received, 0% packet loss, time 2999ms 
rtt min/avg/max/mdev = 0.780/0.948/1.232/0.174 ms 

Press Ctrl-C to stop ping process.


From MikroTik:

[admin@MikroTik] > ping 10.255.255.4 
10.255.255.4 64 byte ping: ttl=62 time=2 ms 
10.255.255.4 64 byte ping: ttl=62 time=8 ms 
10.255.255.4 64 byte ping: ttl=62 time=1 ms 
10.255.255.4 64 byte ping: ttl=62 time=10 ms 
4 packets transmitted, 4 packets received, 0% packet loss 
round-trip min/avg/max = 1/5.2/10 ms 

Press Ctrl-C to stop ping process.

Using the traceroute command

Traceroute displays the list of routers that a packet travels through to get to a remote host. The traceroute or tracepath tool is available on practically all Unix-like operating systems, and tracert on Microsoft Windows operating systems.

Traceroute operation is based on the TTL value and the ICMP "Time Exceeded" message. Remember that the TTL value in the IP header is used to avoid routing loops. Each hop decrements the TTL value by 1. If the TTL reaches zero, the packet is discarded and an ICMP Time Exceeded message is sent back to the sender.

Traceroute initially sets the TTL value to 1. When the next router finds a packet with TTL = 1, it sets the TTL value to zero and responds with an ICMP "time exceeded" message to the source. This message lets the source know that the packet traverses that particular router as a hop. The next time, the TTL value is incremented by 1, and so on. Typically, each router in the path towards the destination decrements the TTL field by one unit until the TTL reaches zero.

Using this command you can see how packets travel through the network and where they may fail or slow down. Using this information you can determine the computer, router, switch or other network device that is possibly causing network issues or failures.
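The TTL mechanism described above, as an added example that is not part of the original manual: a small simulation of how probes with increasing TTL reveal one hop each, including a router that discards the probe without sending Time Exceeded. The Router class, the function names and the three-router path are constructed for illustration, and nothing is sent on the network.

```python
from dataclasses import dataclass

@dataclass
class Router:
    address: str
    sends_time_exceeded: bool = True     # False models a hop that drops silently

def forward(path, destination, ttl):
    """Carry one probe along `path`; return (responder address or None, kind)."""
    for router in path:
        ttl -= 1                         # every hop decrements the TTL by 1
        if ttl == 0:                     # the packet is discarded at this router
            if router.sends_time_exceeded:
                return router.address, "time-exceeded"
            return None, "no reply"
    return destination, "reached"        # TTL survived every router on the path

def traceroute(path, destination, max_hops=30):
    """Send probes with TTL = 1, 2, 3, ... until the destination answers."""
    hops = []
    for ttl in range(1, max_hops + 1):
        responder, kind = forward(path, destination, ttl)
        hops.append((ttl, responder, kind))
        if kind == "reached":
            break
    return hops

def ttl_seen_by_destination(path, initial_ttl):
    """TTL left when an ordinary packet arrives, or None if it expired on the way."""
    remaining = initial_ttl - len(path)
    return remaining if remaining > 0 else None

# Constructed path: two answering routers, one silent router, then the host.
PATH = [Router("192.168.10.1"), Router("192.168.1.2"),
        Router("(silent hop)", sends_time_exceeded=False)]
DESTINATION = "10.255.255.6"

if __name__ == "__main__":
    for ttl, responder, kind in traceroute(PATH, DESTINATION):
        print(f"{ttl}: {responder or 'no reply'} [{kind}]")
    # Assumption: the sender starts at TTL 64; three routers leave 61.
    print("TTL at destination:", ttl_seen_by_destination(PATH, 64))
```

A silent hop shows up as a missing line rather than the end of the trace, because the next probe, sent with a larger TTL, still gets past that router.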

From Personal computer:

Windows:

C:\>tracert 10.255.255.2 
Tracing route to 10.255.255.2 over a maximum of 30 hops   
1    <1ms>
2     1ms    1ms    1ms  10.255.255.2
Trace complete.


Unix-like:

Traceroute and tracepath are similar, only tracepath does not require superuser privileges.

andris@andris-desktop:~$ tracepath 10.255.255.6  
1:  andris-desktop.local (192.168.10.4)                  0.123ms pmtu 1500  
1:  192.168.10.1 (192.168.10.1)                          0.542ms   
1:  192.168.10.1 (192.168.10.1)                          0.557ms   
2:  192.168.1.2 (192.168.1.2)                            1.213ms   
3:  no reply  
4:  10.255.255.6 (10.255.255.6)                          2.301ms reached      
Resume: pmtu 1500 hops 4 back 61 


From MikroTik:

[admin@MikroTik] > tool traceroute 10.255.255.1      
ADDRESS                                    STATUS    
1       10.0.1.17 2ms 1ms 1ms     
2    10.255.255.1 5ms 1ms 1ms 
[admin@MikroTik] > 