Functions & Components of LAN

Exploring the Functions of Networking

(Compiled by Vladislav Spector)

What is a LAN

A local area network is a computer network covering a small geographic area, like a home, office, or group of buildings e.g. a school.

The defining characteristics of LANs, in contrast to Wide Area Networks (WANs), include their much higher data transfer rates, smaller geographic range, and lack of a need for leased telecommunication lines.

History of LAN

The first LAN put into service occurred in 1964 at the Livermore Laboratory to support atomic weapons research. LANs spread to the public sector in the late 1970s and were used to create high-speed links between several large central computers at one site. Of many competing systems created at this time, Ethernet and ARCNET were the most popular.

Initially, LANs were limited to a range of 185 meters or 600 feet and could not include more than 30 computers. Today, a LAN could connect a max of 1024 computers at a max distance of 900 meters or 2700 feet.

Functions of a LAN

· Data and applications

· Resources (file sharing, print sharing)

· Network storage

· Backup devices

· Communication path to other networks

Network User Applications

· E-mail (Microsoft Outlook, Yahoo, GMail and so on)

· Web browser (IE, Firefox, and so on)

· Instant messaging (Skype, Microsoft Messenger, and so on)

· Collaboration (Whiteboard, Netmeeting, WebEx, and so on)

· Databases

LAN Components

§ Computers, PCs, Servers

§ Interconnections: NICs, Media

§ Network devices: Hubs, Switches, Routers

§ Protocols: LAN, Network

Network card

A network card, network adapter, LAN Adapter or NIC (network interface card) is a piece of computer hardware designed to allow computers to communicate over a computer network.

It is both an OSI layer 1 (physical layer) and layer 2 (data link layer) device, as it provides physical access to a networking medium and provides a low-level addressing system through the use of MAC addresses.

Network hub

A network hub or concentrator is a device for connecting multiple twisted pair or fiber optic Ethernet devices together, making them act as a single network segment.

Network switch

A network switch is a computer networking device that connects network segments.

Low-end network switches appear nearly identical to network hubs, but a switch contains more "intelligence" than a network hub. Network switches are capable of inspecting data packets as they are received, determining the source and destination device of that packet, and forwarding it appropriately.

Router

A router is a computer whose software and hardware are usually tailored to the tasks of routing and forwarding, generally containing a specialized operating system (e.g. Cisco's IOS).

Network Topology

Network topology is the study of the arrangement or mapping of the elements (links, nodes, etc.) of a network, especially the physical (real) and logical (virtual) interconnections between nodes

Physical Topology Categories

· Bus Topology - All devices receive the signal.

· Star Topology - Transmission through a central point, Single point of failure.

· Ring Topology - Signals travel around ring, Single point of failure.

· Full-Mesh Topology - Highly fault-tolerant, Expensive to implement.

· Partial-Mesh Topology - Trade-off between fault tolerance and cost.

Summary of Network

§ A network is a connected collection of devices that can communicate with each other. Networks carry data in many kinds of environments, including homes, small businesses, and large enterprises.

§ There are four major categories of physical components in a computer network: the computer, interconnections, switches, and routers.

§ The major resources that are shared in a computer network include data and applications, peripherals, storage devices, and backup devices.

§ The most common network user applications include e-mail, web browsers, instant messaging, collaboration, and databases.

§ User applications affect the network by consuming network resources.

§ The ways in which networks can be described include characteristics that address network performance and structure: speed, cost, security, availability, scalability, reliability, and topology.

§ A physical topology describes the layout for wiring the physical devices, while a logical topology describes how information flows through a network.

§ In a physical bus topology, a single cable effectively connects all the devices.

§ In a physical star topology, each device in the network is connected to the central device with its own cable.

§ When a star network is expanded to include additional networking devices that are connected to the main networking device, it is called an extended-star topology.

§ In a ring topology, all the hosts are connected in the form of a ring or circle. In a dual-ring topology, there are two rings to provide redundancy in the network.

§ A full-mesh topology connects all devices to each other; in a partial-mesh topology, at least one device has multiple connections to all other devices.

§ There are three common methods of connecting the small office to the Internet: DSL using the existing telephone lines, cable using the CATV infrastructure, and serial links using the classic digital local loops.

Understanding the Host-to-Host Communications Model

Understanding Host-to-Host Communications

§ Nonstandards-based Older model (before OSI)

– Proprietary (IBM SNA, Digital DECnet)

– Application and combinations software controlled by one vendor

§ Standards-based model (OSI)

– Multivendor software

– Layered approach

Why a Layered Network Model?

§ Simplifies teaching and learning

§ Reduces complexity

§ Facilitates modular engineering (free changing of Protocols)

§ Standardizes interfaces

Communication between Hosts

(Horizontal Communication)

Communication between Layers
(Vertical Communication)

q Data Encapsulation

Moving from the top, down - messages get larger and larger ! !  

A message is passed down, and the lower layer adds a header to it. 

This is called encapsulation, because it is like placing an object into a capsule. 

The header is sometimes called a wrapper. 

Each successive lower layer encapsulates what it receives from the layer above it.

q De-Encapsulation

Moving from the bottom, up - messages get smaller and smaller ! ! 

A message is first stripped of it's header, and then the inner contents (the "data" portion) is passed up. 

This is "decapsulation" but no one uses that term. 

Each successive upper layer receives the data message from the layer below, and then strips off it's own header and passes the data up.

Although there are seven layers in the OSI model,

they can be grouped into three areas:

q High-level Protocols (layers 5, 6 and 7  -  Session, Presentation, and Application) - how the data is presented, displayed, and summarized for the user  -  and in the reverse direction, how the user prepared data is assembled into meaningful data structures (high-level protocols).

q Medium-level Protocols (Layers 3 and 4 - Network and Transport) - how the data is assembled into packets and frames and how error checking and flow control is implemented - and in the reverse direction, how the received packets and frames are assembled into structures such as files and databases (medium-level protocols)

q Low-level Protocols (Layers 1 and 2 - Physical and DataLink) - how the data is converted into electrical pulses of ones's and zero's (bits) and sent across cables or the physical medium, and in the reverse direction, how the electrical pulses are taken off the cable and converted to ones and zero's.

TCP/IP Stack

§ Defines four layers

§ Uses different names for Layers 1 through 3

§ Combines Layers 5 through 7 into single application layer

Summary

§ The OSI reference model defines the network functions that occur at each layer.

§ The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between end systems.

§ The data link layer defines how data is formatted for transmission and how access to the physical media is controlled.

• The network layer provides connectivity and path selection between two host systems that may be located on geographically separated networks.

Troubleshooting networking using the OSI model

When troubleshooting networking it is always sensible to approach the problem from the perspective of the OSI model. The OSI, or Open System Interconnection, model defines a networking framework for implementing protocols in seven layers. The beauty of this model is the fact that you can individually troubleshoot every layer using simple methods. I suggest working from layer 1 upwards until you find the problem.

Physical (Layer 1)

This layer conveys the bit stream - electrical impulse, light or radio signal -- through the network at the electrical and mechanical level.

It provides the hardware means of sending and receiving data on a carrier, including defining cables, cards and physical aspects.

Fast Ethernet, RS232, and ATM are protocols with physical layer components.

Data Link (Layer 2)

Ethernet, ATM, Frame Relay, etc.  At this layer, data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization.

The data link layer is divided into two sublayers: The Media Access Control (MAC) layer and the Logical Link Control (LLC) layer.

The MAC sublayer controls how a computer on the network gains access to the data and permission to transmit it.

The LLC layer controls frame synchronization, flow control and error checking.

Network (Layer 3)

Typically IP (the bottom half of TCP/IP).  This layer provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node.

Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.

Transport (Layer 4)

Usually TCP (the top half of TCP/IP).

This layer provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control.

It ensures complete data transfer.

Session (Layer 5)

This layer establishes, manages and terminates connections between applications.

The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end.

It deals with session and connection coordination.

Presentation (Layer 6)

This layer provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa.

The presentation layer works to transform data into the form that the application layer can accept.

This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems. It is sometimes called the syntax layer.

This layer looks at things like JPEG, MPEG, MIDI, QUICKTIME and other files of the same nature. Most of your troubleshooting will be with the applications that create them (at layer 7) but be aware that you can hex files to look at the structure and change them.
Application (Layer 7)

This layer supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist entirely in the application level. Tiered application architectures are part of this layer.
If all of the other layers are working and have been tested, then this is usually just a matter of applying patches to software or reinstalling. Everyone probably has experience troubleshooting problems in windows. Telnet is an excellent tool for connecting to virtually any port to check to see if the above layers are functioning properly.

Application (Layer 7)

This layer supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist entirely in the application level. Tiered application architectures are part of this layer.
  Presentation (Layer 6)

This layer provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa. The presentation layer works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems. It is sometimes called the syntax layer.
  Session (Layer 5)

This layer establishes, manages and terminates connections between applications. The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end. It deals with session and connection coordination.
  Transport (Layer 4)

This layer provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. It ensures complete data transfer.
  Network (Layer 3)

This layer provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.
  Data Link (Layer 2)

At this layer, data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization. The data link layer is divided into two sub layers: The Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sub layer controls how a computer on the network gains access to the data and permission to transmit it. The LLC layer controls frame synchronization, flow control and error checking.
  Physical (Layer 1)

This layer conveys the bit stream - electrical impulse, light or radio signal -- through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier, including defining cables, cards and physical aspects. Fast Ethernet, RS232, and ATM are protocols with physical layer components.

Networking Cisco Routers And Switches:

Using The OSI Model For Troubleshooting

By Chris Bryant, CCIE #12933

The best kind of troubleshooting is proactive.  That's where proper network documentation comes in - because it helps you identify single points of failure and introducing redundancy before it's needed.

Using our old friend the OSI model to troubleshoot a network has several advantages.   If we have a network problem and look at it as a whole, it can be very difficult to decide where to even start troubleshooting.  By using a structured approach, we can eliminate possible issues, which helps to - you guessed it - isolate the problem.

Let me warn you here, though, that you've got to be flexible when it comes to your troubleshooting approach.  You're going to learn about several troubleshooting models in this chapter, and they're important, but you don't want to pick one and ignore the other two.  You'll see what I mean as we go through the chapter.

This layered approach allows you to focus on specific factors at each layer as you work your way up or down the model.  At the Physical layer, you're checking cabling, ports, power supplies, etc., and so forth.  This layered approach brings structure to the entire network troubleshooting process.

Using a structured approach also makes the problem less complex than it might seem at the time.  We've all been in situations where at first glance, a network issue seems complex, but it ends up being something simple - anything from a loose cable to a one-line misconfiguration. 

You've got to develop your own troubleshooting approach should reflect where in the OSI model you believe the problem resides.  Two such approaches are bottom-up and top-down, and again the name is the recipe - If you believe the issue is a physical one,  start with the physical layer and work your way up (bottom-up).  If you believe an application is the issue, start with the application layer and work your way down (top-down).

Network issues won't always be so cut-and-dried that you can start at the top or bottom of the OSI model, though!  Let's say you suspect that the issue is with a routing protocol, or with PAT.  In these two cases, you'd begin with the Network or Transport layers, respectively.  There's no need to start at the bottom or the top of the OSI model if you believe the issue is in the middle, so you'll take the divide-and-conquer approach, which is the term used to describe the approach used when a specific middle layer of the OSI model is the first one checked.

If you're using divide-and-conquer, you're assuming that all layers beneath the layer you begin troubleshooting are working correctly.  For example, if you begin troubleshooting by examining the routing table, you're using divide-and-conquer as well as assuming that the Physical and Data Link layers are working correctly.

As you gain more experience, you'll find yourself using the divide-and-conquer method more and more often.  Used by experienced troubleshooters, this approach is often the fastest, especially when you've seen the issue before.  Just another reason to get as much real hands-on practice as you can!

Examples of when each approach would be appropriate:

• Bottom-up:  Physical layer issues such as framing errors, line code errors, excessive collisions, port LEDs that are off that should be on, or are in an alarm/error state.  Also, the more complex the problem, the more helpful the bottom-up approach can be.

• Top-down:  Application-specific issues

• Divide-and-conquer:  Routing issues, excessive broadcasts, NAT/PAT issues, or any situation that you as an experienced troubleshooter have seen before.

Regardless of which troubleshooting model we're using, the process remains pretty much the same:

-- Determine the symptoms.  Is traffic stopped? Slow?  What is accessible and what is not?

-- Isolate the problem. What exactly is causing the issue(s)?

-- Fix the problem.  After all, that's what we're here for!

To your success,

Chris Bryant

CCIE #12933

How to use the OSI Model to Troubleshoot Networks

by David Davis, vExpert, VCP, CCIE 9369 - January 7, 2009

In a previous article, we explained the OSI model and how it works. In that article, we went over how the OSI model is a standard theoretical model for how networking hardware, software, protocols work together. What we didn’t discuss in that article is how the OSI model can help you in your day to day life.

Some of you might be thinking “theoretical models don’t help me” or “the OSI model is just some engineering thing for the nerds”. However, in reality, it is quite the opposite. The OSI model can help you. Let me show you how.

Using the OSI model

First off, I want you to have a visual image of the OSI mode. It looks like this:

This graphic is courtesy of the Abdus Salam International Centre for Theoretical Physics

On the left hand side is a user. On the right hand side, you could have a server. Every request AND response has to travel from the left, down every layer, to the physical layer, across the physical layer, up the layers on the right, and up to the server on the top right hand corner.

By understanding this information and having a visual image of how the OSI model works, you have a very valuable troubleshooting tool. If you can visualize the different pieces that complete the path of the data, you will have much less trouble resolving a networking issue. You can think of the OSI model as a map for the path that your data takes. If your data is not completing the path, you can check each “waypoint” on the map until you find the area that is causing the problem.

My experience with the OSI model

In my time spent as a network administrator, I would use the OSI model daily. Let me explain how.

When a get a call from a user that explains a problem they are having, I would immediately visualize the OSI model. The user might say that they can’t bring up a graphic they are trying to download from the Internet. That graphic is brought up in an application.  (layer 7 of the OSI model). I could either start at the top or the bottom, depending on what I suspected was the problem. I would usually start at the bottom (termed the “bottom up approach”). At the bottom of the OSI model is the physical layer (layer 1). So, I would proceed to ask them questions like this:

· Is your network cable plugged in? (physical)

· Is there a link light on the Ethernet switch and Ethernet NIC? (data-link)

· Do you have an IP address? (network)

· Can you ping your default gateway? (network, testing LAN IP connectivity)

· Do you have DNS server information?

· Can you ping your DNS server? (network, testing IP connectivity)

· Do you have a firewall configured? (network on up to application)

· Can you ping the host you are trying to get to by name? (application, DNS and network WAN IP connectivity)

· What format is the graphic in? Do you have a viewer for that format? (presentation)

· Can your web browser open up another website? (basic application troubleshooting)

It may turn out that the graphic they were trying to bring up was a .TIFF file and they didn’t have a decoder for that type of file. Thus, this would have been a presentation error issue as the presentation layer deals with formats of graphics & files, as well as compression and encryption.

Methods of using the OSI model

I just gave you an example for using the OSI model with a “bottom up” approach to troubleshooting. There are three different ways to use the OSI model:

· Bottom up – troubleshooting by going from the physical layer (layer 1) up to the application layer (layer 7)

· Top down - troubleshooting by going from the application layer (layer 7) down to the physical layer (layer 1)

· Divide and Conquer – in this method, you start with whatever layer you feel is most likely the cause of the problem, then move in whatever direction you feel is the more likely cause of the issue (either up or down the OSI model)

In Summary

Now you may not be a network administrator but the OSI model can help anyone troubleshoot any networking problem. I hope that this example gave you some ideas as to how you can use the OSI model, everyday, to troubleshoot your networking problems.

Network Troubleshooting Overview

These sections introduce you to the concepts and practice of network troubleshooting:

• Introduction to Network Troubleshooting
• Network Troubleshooting Framework
• Troubleshooting Strategy

---

Network troubleshooting means recognizing and diagnosing networking problems with the goal of keeping your network running optimally. As a network administrator, your primary concern is maintaining connectivity of all devices (a process often called fault management). You also continually evaluate and improve your network's performance. Because serious networking problems can sometimes begin as performance problems, paying attention to performance can help you address issues before they become serious.

About Connectivity Problems

Connectivity problems occur when end stations cannot communicate with other areas of your local area network (LAN) or wide area network (WAN). Using management tools, you can often fix a connectivity problem before users even notice it. Connectivity problems include:

• Loss of connectivity - When users cannot access areas of your network, your organization's effectiveness is impaired. Immediately correct any connectivity breaks.
• Intermittent connectivity - Although users have access to network resources some of the time, they are still facing periods of downtime. Intermittent connectivity problems can indicate that your network is on the verge of a major break. If connectivity is erratic, investigate the problem immediately.
• Timeout problems - Timeouts cause loss of connectivity, but are often associated with poor network performance.

About Performance Problems

Your network has performance problems when it is not operating as effectively as it should. For example, response times may be slow, the network may not be as reliable as usual, and users may be complaining that it takes them longer to do their work. Some performance problems are intermittent, such as instances of duplicate addresses. Other problems can indicate a growing strain on your network, such as consistently high utilization rates.

If you regularly examine your network for performance problems, you can extend the usefulness of your existing network configuration and plan network enhancements, instead of waiting for a performance problem to adversely affect the users' productivity.

Solving Connectivity and Performance Problems

When you troubleshoot your network, you employ tools and knowledge already at your disposal. With an in-depth understanding of your network, you can use network software tools, such as "Ping", and network devices, such as "Analyzers", to locate problems, and then make corrections, such as swapping equipment or reconfiguring segments, based on your analysis.

Transcend^® provides another set of tools for network troubleshooting. These tools have graphical user interfaces that make managing and troubleshooting your network easier. With "Transcend Applications", you can:

• Baseline your network's normal status to use as a basis for comparison when the network operates abnormally
• Precisely monitor network events
• Be notified immediately of critical problems on your network, such as a device losing connectivity
• Establish alert thresholds to warn you of potential problems that you can correct before they affect your network
• Resolve problems by disabling ports or reconfiguring devices

See "Your Network Troubleshooting Toolbox" for details about each troubleshooting tool.

---

Network Troubleshooting Framework

The International Standards Organization (ISO) Open Systems Interconnect (OSI) reference model is the foundation of all network communications. This seven-layer structure provides a clear picture of how network communications work.

Protocols (rules) govern communications between the layers of a single system and among several systems. In this way, devices made by different manufacturers or using different designs can use different protocols and still communicate.

By understanding how network troubleshooting fits into the framework of the OSI model, you can identify at what layer problems are located and which type of troubleshooting tools to use. For example, unreliable packet delivery can be caused by a problem with the transmission media or with a router configuration. If you are receiving high rates of "FCS Errors" and "Alignment Errors", which you can monitor with Status Watch, then the problem is probably located at the physical layer and not the network layer. Figure 1 shows how to troubleshoot the layers of the OSI model.

Table 5 describes the data that the network management tools can collect as it relates to the OSI model layers.

Table 5 Network Data and the OSI Model Layers
Layer	Data Collected	TranscendcNCS Tool Used
Application Presentation Session Transport	Protocol information and other Remote Monitoring (RMON) and RMON2 data	LANsentry Manager Traffix Manager (for more detail)
Network	Routing information	Status Watch LANsentry Manager (for more detail) Traffix Manager (for more detail)
Data Link	Traffic counts and other packet breakdowns	Status Watch LANsentry Manager (for more detail)
Physical	Error counts	Status Watch

Figure 1 OSI Reference Model and Network Troubleshooting

For information about network troubleshooting tools, see "Your Network Troubleshooting Toolbox".

---

Troubleshooting Strategy

How do you know when you are having a network problem? The answer to this question depends on your site's network configuration and on your network's normal behavior. See "Knowing Your Network" for more information.

If you notice changes on your network, ask the following questions:

• Is the change expected or unusual?
• Has this event ever occurred before?
• Does the change involve a device or network path for which you already have a backup solution in place?
• Does the change interfere with vital network operations?
• Does the change affect one or many devices or network paths?

After you have an idea of how the change is affecting your network, you can categorize it as critical or noncritical. Both of these categories need resolution (except for changes that are one-time occurrences); the difference between the categories is the time that you have to fix the problem.

By using a strategy for network troubleshooting, you can approach a problem methodically and resolve it with minimal disruption to network users. It is also important to have an accurate and detailed map of your current network environment. Beyond that, a good approach to problem resolution is:

• Recognizing Symptoms
• Understanding the Problem
• Identifying and Testing the Cause of the Problem
• Solving the Problem

Recognizing Symptoms

The first step to resolving any problem is to identify and interpret the symptoms. You may discover network problems in several ways. Users may complain that the network seems slow or that they cannot connect to a server. You may pass your network management station and notice that a node icon is red. Your beeper may go off and display the message: WAN connection down.

User Comments

Although you can often solve networking problems before users notice a change in their environment, you invariably get feedback from your users about how the network is running, such as:

• They cannot print.
• They cannot access the application server.
• It takes them much longer to copy files across the network than it usually does.
• They cannot log on to a remote server.
• When they send e-mail to another site, they get a routing error message.
• Their system freezes whenever they try to Telnet.

Network Management Software Alerts

Network management software, as described in "Your Network Troubleshooting Toolbox", can alert you to areas of your network that need attention. For example:

• The application displays red (Warning) icons.
• Your weekly Top-N utilization report (which indicates the 10 ports with the highest utilization rates) shows that one port is experiencing much higher utilization levels than normal.
• You receive an e-mail message from your network management station that the threshold for broadcast and multicast packets has been exceeded.

These signs usually provide additional information about the problem, allowing you to focus on the right area.

Analyzing Symptoms

When a symptom occurs, ask yourself these types of questions to narrow the location of the problem and to get more data for analysis:

• To what degree is the network not acting normally (for example, does it now take one minute to perform a task that normally takes five seconds)?
• On what subnetwork is the user located?
• Is the user trying to reach a server, end station, or printer on the same subnetwork or on a different subnetwork?
• Are many users complaining that the network is operating slowly or that a specific network application is operating slowly?
• Are many users reporting network logon failures?
• Are the problems intermittent? For example, some files may print with no problems, while other printing attempts generate error messages, make users lose their connections, and cause systems to freeze.

Understanding the Problem

Networks are designed to move data from a transmitting device to a receiving device. When communication becomes problematic, you must determine why data are not traveling as expected and then find a solution. The two most common causes for data not moving reliably from source to destination are:

• The physical connection breaks (that is, a cable is unplugged or broken).
• A network device is not working properly and cannot send or receive some or all data.

Network management software can easily locate and report a physical connection break (layer 1 problem). It is more difficult to determine why a network device is not working as expected, which is often related to a layer 2 or a layer 3 problem.

To determine why a network device is not working properly, look first for:

• Valid service - Is the device configured properly for the type of service it is supposed to provide? For example, has Quality of Service (QoS), which is the definition of the transmission parameters, been established?
• Restricted access - Is an end station supposed to be able to connect with a specific device or is that connection restricted? For example, is a firewall set up that prevents that device from accessing certain network resources?
• Correct configuration - Is there a misconfiguration of IP address, subnet mask, gateway, or broadcast address? Network problems are commonly caused by misconfiguration of newly connected or configured devices. See "Manager-to-Agent Communication" for more information.

Identifying and Testing the Cause of the Problem

After you develop a theory about the cause of the problem, test your theory. The test must conclusively prove or disprove your theory.

Two general rules of troubleshooting are:

• If you cannot reproduce a problem, then no problem exists unless it happens again on its own.
• If the problem is intermittent and you cannot replicate it, you can configure your network management software to catch the event in progress.

For example, with "LANsentry Manager", you can set alarms and automatic packet capture filters to monitor your network and inform you when the problem occurs again. See "Configuring Transcend NCS" for more information.

Although network management tools can provide a great deal of information about problems and their general location, you may still need to swap equipment or replace components of your network until you locate the exact trouble spot.

After you test your theory, either fix the problem as described in "Solving the Problem" or develop another theory.

Sample Problem Analysis

This section illustrates the analysis phase of a typical troubleshooting incident.

On your network, a user cannot access the mail server. You need to establish two areas of information:

• What you know - In this case, the user's workstation cannot communicate with the mail server.
• What you do not know and need to test -
  • Can the workstation communicate with the network at all, or is the problem limited to communication with the server? Test by sending a "Ping" or by connecting to other devices.
  • Is the workstation the only device that is unable to communicate with the server, or do other workstations have the same problem? Test connectivity at other workstations.
  • If other workstations cannot communicate with the server, can they communicate with other network devices? Again, test the connectivity.

The analysis process follows these steps:

1 .   Can the workstation communicate with any other device on the subnetwork?

• If no, then go to step 2.
• If yes, determine if only the server is unreachable.
  • If only the server cannot be reached, this suggests a server problem. Confirm by doing step 2.
  • If other devices cannot be reached, this suggests a connectivity problem in the network. Confirm by doing step 3.

2 .   Can other workstations communicate with the server?

• If no, then most likely it is a server problem. Go to step 3.
• If yes, then the problem is that the workstation is not communicating with the subnetwork. (This situation can be caused by workstation issues or a network issue with that specific station.)

3 .   Can other workstations communicate with other network devices?

• If no, then the problem is likely a network problem.
• If yes, the problem is likely a server problem.

When you determine whether the problem is with the server, subnetwork, or workstation, you can further analyze the problem, as follows:

• For a problem with the server - Examine whether the server is running, if it is properly connected to the network, and if it is configured appropriately.
• For a problem with the subnetwork - Examine any device on the path between the users and the server.
• For a problem with the workstation - Examine whether the workstation can access other network resources and if it is configured to communicate with that particular server.

Equipment for Testing

To help identify and test the cause of problems, have available:

• A laptop computer that is loaded with a terminal emulator, TCP/IP stack, TFTP server, CD-ROM drive (to read the online documentation), and some key network management applications, such as LANsentry^® Manager. With the laptop computer, you can plug into any subnetwork to gather and analyze data about the segment.
• A spare managed hub to swap for any hub that does not have management. Swapping in a managed hub allows you to quickly spot which port is generating the errors.
• A single port probe to insert in the network if you are having a problem where you do not have management capability.
• Console cables for each type of connector, labeled and stored in a secure place.

Solving the Problem

Many device or network problems are straightforward to resolve, but others yield misleading symptoms. If one solution does not work, continue with another.

A solution often involves:

• Upgrading software or hardware (for example, upgrading to a new version of agent software or installing Gigabit Ethernet devices)
• Balancing your network load by analyzing:
  • What users communicate with which servers
  • What the user traffic levels are in different segments

Based on these findings, you can decide how to redistribute network traffic.

• Adding segments to your LAN (for example, adding a new switch where utilization is continually high)
• Replacing faulty equipment (for example, replacing a module that has port problems or replacing a network card that has a faulty jabber protection mechanism)

To help solve problems, have available:

• Spare hardware equipment (such as modules and power supplies), especially for your critical devices
• A recent backup of your device configurations to reload if flash memory gets corrupted (which can sometimes happen due to a power outage)