Systems admin training workshop
Download
1 / 42

SYSTEMS ADMIN TRAINING WORKSHOP - PowerPoint PPT Presentation


  • 118 Views
  • Uploaded on

SYSTEMS ADMIN TRAINING WORKSHOP. University Computing Centre. Overview. Introduction Doing Basic Cable and Link Tests Testing Your NIC Testing Network Connectivity Detecting Network Congestion Packet Capturing Basic DNS Troubleshooting. Introduction. Two Network related problems

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' SYSTEMS ADMIN TRAINING WORKSHOP' - marged


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Systems admin training workshop

SYSTEMS ADMIN TRAINING WORKSHOP

University Computing Centre

Mr. Mturi Elias


Overview
Overview

  • Introduction

  • Doing Basic Cable and Link Tests

  • Testing Your NIC

  • Testing Network Connectivity

  • Detecting Network Congestion

  • Packet Capturing

  • Basic DNS Troubleshooting

Mr. Mturi Elias


Introduction
Introduction

  • Two Network related problems

    • Network Slowness

    • Lack of Connectivity

  • Sources of Network Slowness

    • NIC duplex and speed incompatibilities

    • Network congestion

    • Poor routing

    • Bad cabling

    • Electrical interference

Mr. Mturi Elias


Introduction1
Introduction

  • Sources of Network Slowness

    • An overloaded server at the remote end of the connection

    • Misconfigured DNS .

  • Sources of a Lack of Connectivity

    • The cables are bad.

    • The switch or router to which the server is connected is powered down.

    • The cables aren't plugged in properly.

    • The remote server or an application on the remote server being shut down.

Mr. Mturi Elias


Doing basic cable and link tests
Doing Basic Cable and Link Tests

  • NIC’s “link” light is on: indicates the link is functioning properly.

  • In most cases a lack of link is due to the wrong cable type being used.

  • There are two types of Ethernet cables crossover and straight-through.

  • Always make sure you are using the correct type.

Mr. Mturi Elias


Testing your nic
Testing Your NIC

  • Viewing Your Activated Interfaces

  • Viewing All Interfaces

    • The ifconfig -a command provides all the network interfaces, whether they are functional or not.

  • Testing Link Status from the Command Line.

    • Both the mii-tool and ethtool commands command will provide reports on the link status and duplex settings for supported NIC

Mr. Mturi Elias


Testing your nic 2
Testing Your NIC (2)

  • Testing Link Status from the Command Line.

    • Link Status Output from mii-tool

      [[email protected] root]# mii-tool -v

      eth0: negotiated 100baseTx-FD, link ok

      product info: vendor 00:08:18, model 25 rev 0

      basic mode: autonegotiation enabled

      basic status: autonegotiation complete, link ok

      capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

      advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

      link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

      eth1: no link

      product info: vendor 00:08:18, model 25 rev 0

      basic mode: autonegotiation enabled

      basic status: no link

      capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

      advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

Mr. Mturi Elias


Testing your nic 3
Testing Your NIC (3)

  • Testing Link Status from the Command Line.

    • Link Status Output from ethtool

      [[email protected] root]# ethtool eth0

      Settings for eth0:

      Supported ports: [ TP ]

      Supported link modes: 10baseT/Half 10baseT/Full

      100baseT/Half 100baseT/Full

      1000baseT/Half 1000baseT/Full

      Supports auto-negotiation: Yes

      Advertised link modes: 10baseT/Half 10baseT/Full

      100baseT/Half 100baseT/Full

      1000baseT/Half 1000baseT/Full

      Advertised auto-negotiation: Yes

      Speed: 1000Mb/s

      Duplex: Full

      Port: Twisted Pair

      PHYAD: 0

      Transceiver: internal

      Auto-negotiation: on

      Supports Wake-on: g

      Wake-on: d

      Link detected: yes

Mr. Mturi Elias


Testing your nic 4
Testing Your NIC (4)

  • Viewing NIC Errors

    • ifconfig

    • ethtool –S eth0

Mr. Mturi Elias


Testing your network connectivity
Testing Your Network Connectivity

  • Using Ping To Test Connectivity

    • ping sends ICMP echo packets that request a corresponding ICMP echo-reply response from the device at the target address.

    • Because most servers will respond to a ping query it becomes a very handy tool.

Mr. Mturi Elias


Testing your network connectivity 2
Testing Your Network Connectivity (2)

  • Using Ping To Test Connectivity

    • A lack of response could be due to:

    • A server with that IP address doesn't exist

    • The server has been configured not to respond to pings

    • A firewall or router along the network path is blocking ICMP traffic

    • You have incorrect routing.

    • Either the source or destination device having an incorrect IP address or subnet mask.

Mr. Mturi Elias


Testing your network connectivity 3
Testing Your Network Connectivity (3)

  • Using Ping To Test Connectivity

    • [[email protected] root]# ping -c 2 www.udsm.ac.tz

    • PING websvr.udsm.ac.tz (196.44.161.110) 56(84) bytes of data.

    • 64 bytes from websvr.udsm.ac.tz (196.44.161.110): icmp_seq=0 ttl=254 time=0.588 ms

    • 64 bytes from websvr.udsm.ac.tz (196.44.161.110): icmp_seq=1 ttl=254 time=0.470 ms

    • --- websvr.udsm.ac.tz ping statistics ---

    • 2 packets transmitted, 2 received, 0% packet loss, time 1007ms

    • rtt min/avg/max/mdev = 0.470/0.529/0.588/0.059 ms, pipe 2

Mr. Mturi Elias


Testing your network connectivity 4
Testing Your Network Connectivity (4)

  • You may get a "Destination Host Unreachable" message. There are a number of reasons for this:

  • The server might be down, or disconnected for the network.

  • Your NIC might not have the correct duplex settings; you may verify this with the mii-tool command.

  • You might have the incorrect type of cable connecting your Linux box to the network.

  • In the case of a wireless network, your SSID or encryption keys might be incorrect.

Mr. Mturi Elias


Testing your network connectivity 5
Testing Your Network Connectivity (5)

  • Using netstat Command to test the connections:

  • Displays network connections, routing tables, interface statistics, masquerade connections, netlink messages, and multicast memberships.

  • Can be used to check for open ports, an important security issue.

Mr. Mturi Elias


Testing your network connectivity 6
Testing Your Network Connectivity (6)

  • Using netstat Command to test the connections:

    [[email protected] root]# netstat -an

    Active Internet connections (servers and established)

    Proto Recv-Q Send-Q Local Address Foreign Address State

    tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN

    tcp 0 0 127.0.0.1:32769 0.0.0.0:* LISTEN

Mr. Mturi Elias


Testing your network connectivity 7
Testing Your Network Connectivity (7)

  • Using traceroute to Test Connectivity

  • Prints the route packets take to get to a particular network host.

  • This helps you verify that routing over the networks in between is correct.

  • Uses UDP packets by default.

Mr. Mturi Elias


Testing your network connectivity 8
Testing Your Network Connectivity (8)

[[email protected] root]# traceroute www.yahoo.com

traceroute to www.yahoo-ht2.akadns.net (209.73.186.238), 30 hops max, 38 byte packets

1 82.206.143.66 (82.206.143.66) 0.802 ms 0.729 ms 0.677 ms

2 10.103.160.1 (10.103.160.1) 1.393 ms 1.713 ms 1.213 ms

3 172.17.7.7 (172.17.7.7) 533.409 ms 520.447 ms 786.705 ms

4 172.17.7.17 (172.17.7.17) 576.658 ms 519.385 ms 515.692 ms

c 5 fus-rt002-LANB.core.globalconnex.net (80.255.48.2) 523.617 ms 519.992 ms 514.423 ms

cc 6 80.255.35.162 (80.255.35.162) 624.555 mscc 624.800 msc 626.754 ms

Mr. Mturi Elias


Testing your network congention
Testing Your Network Congention

  • Using MTR To Detect Network Congestion

  • Matt's Traceoute is an application you can use to do a repeated traceroute in real time.

  • It dynamically shows the round-trip time to reach each hop along the traceroute path.

  • The constant updates enable you not only to visually determine which hops are slow and when are they slow.

Mr. Mturi Elias



Packet capturing
PACKET CAPTURING

  • Sniffer, tcpdump, Ethereal, ntop

Mr. Mturi Elias


What is packet capture
What is Packet Capture?

  • Real time collection of data as it travels over networks

  • Tools called:

    • packet sniffers

    • packet analysers

    • protocol analysers, and sometimes even

    • traffic monitors

Mr. Mturi Elias


When packet capture
When Packet Capture?

  • Most powerful technique

  • When need to see what client and server are actually saying to each other

  • When need to analyse type of traffic on network

  • Requires understanding of network protocols to use effectively

Mr. Mturi Elias


How to use tcpdump
How to use tcpdump

  • Can just type its name (as root):

    $ tcpdump

  • ...but get a huge amount of data!

  • Can restrict the data collected using a filter

  • A filter may select addresses, protocols, port numbers,...

Mr. Mturi Elias


Tcpdump some options
tcpdump: some options

  • -c n — capture a count of n packets then stop

  • -w file — write raw data to file.

    • Very useful — can filter and analyse this later with tcpdump, ethereal or other tools

    • but you cannot see what you are capturing till later!

  • -i interface — collect from interface instead of lowest numbered network interface

  • -s bytes — collect no more than bytes of data from each packet instead of default 68 bytes

  • -e — show link level info, e.g., Ethernet addresses

  • -x — gives a hexadecimal dump of packets

    • excluding link level data

  • -X— display ASCII as well as hexadecimal if have –x option too

  • Many more options: man tcpdump

Mr. Mturi Elias


Tcpdump filters host and port
tcpdump Filters: host and port

  • Show all network traffic to and from 192.168.0.1:

    tcpdump host 192.168.0.1

  • Show packets to 192.168.0.1:

    tcpdump dst 192.168.0.1

  • Show packets to port 68 on 192.168.0.1:

    tcpdump dst 192.168.0.1 and port 68

Mr. Mturi Elias


Tcpdump filters networks
tcpdump filters: networks

  • Capture traffic to or from 205.153.60/24:

    tcpdump net 172.19.64/18

  • can specify network as source or destination:

    tcpdump src net 205.153.60/24

    tcpdump dst net 172.19.64/18

Mr. Mturi Elias


Tcpdump filters protocol
tcpdump filters: protocol

  • tcpdump ip

  • tcpdump tcp

  • tcpdump ip proto ospf

  • This will catch DNS name lookups, but not zone transfers (which use tcp):

  • tcpdump udp port 53

Mr. Mturi Elias


Ethereal

Ethereal

King of the Packet Analysers!

Available for Linux, Unix, Windows

Mr. Mturi Elias


Ethereal1
Ethereal

  • Ethereal can read data captured by tcpdump, e.g.,

    $ ethereal –r tcpdump.pcap

  • or File -> Open

  • Can capture data itself

  • Uses same filter language as tcpdump

Mr. Mturi Elias




You can expand any protocol
You can expand any protocol:

  • If we click on the + next to Bootstrap Protocol, we can see the details of the DHCP Request:

Mr. Mturi Elias



Ethereal continued
Ethereal (Continued)

  • Text based ethereal called tethereal:

  • If you machine does not have GUI or you are using a remote server/computer tethereal is the best for you.

  • Just type tethereal in your command prompt

Mr. Mturi Elias


Ethereal continued1
Ethereal (Continued)

Mr. Mturi Elias


Basic dns troubleshooting
Basic DNS Troubleshooting

  • Sometimes the source of problems can be due to misconfigured DNS rather than poor network connectivity.

  • DNS is the system that helps map an IP address to your Web site's domain name and your site may suddenly become unavailable if the mapping is incorrect

Mr. Mturi Elias


Basic dns troubleshooting 2
Basic DNS Troubleshooting (2)

  • Using nslookup to Test DNS

  • The nslookup command can be used to get the associated IP address for your domain and vice versa.

Mr. Mturi Elias


Basic dns troubleshooting 3
Basic DNS Troubleshooting (3)

  • Using nslookup To Check Your IP Address

Mr. Mturi Elias


Basic dns troubleshooting1
Basic DNS Troubleshooting

  • Using the host Command to Test DNS

Mr. Mturi Elias


Basic dns troubleshooting2
Basic DNS Troubleshooting

  • Using the dig Command to Test DNS

Mr. Mturi Elias



Conclusion
Conclusion

Lest Know When You Have Problem

You Need To Be Proactive.

Mr. Mturi Elias


ad