Date: February 10, 2002
From: NoClue As I read some of the horror stories in the Broadband Forum, I began to
see a need for an explanation of the various network troubleshooting tools that some of us
get to use on a daily basis. Most of this troubleshooting involves checking for
connectivity between devices, whether those devices are machines, routers, websites, mail
servers, etc.
I guess I should start by explaining that the vast majority of network problems are
caused by bad cabling. Keep a spare cable handy.
The tools:
Ping:
I once read that ping stands for ‘Packet InterNet Groper’.
I’ve since read that it doesn’t stand for anything. I think ‘Packet
Internet Groper’ is cool, so I’m sticking with it. 
Ping verifies a connection to a remote computer or other device (or node) by sending
Internet Control Message Protocol (ICMP) echo packets back and forth between them. Ping
then reports information about the exchange:
Figure 1
The picture above shows that 4 packets were received from the node 127.0.0.1, that those
packets were 32 bytes in size, that it took less than 10 milliseconds per packet, and that
the Time-To-Live (TTL) was 128 hops (each time a packet is forwarded to a node
counts as one hop). After the packet reaches the TTL (128 hops), it would be discarded.
Ping also gives us some statistics about 127.0.0.1, 4 packets were sent and received,
it didn’t lose any, and it happened faster than the machine can time it. There’s
a reason for that. 127.0.0.1 is the loopback address, the address that your
operating system uses to communicate with your network card. It is also sometimes called
the localhost address.
A few definitions:
Hostname: Any computer that is attached to the internet (or any other TCP/IP
network) is a host. Each host has a unique IP address. A host’s hostname is any Fully
Qualified Domain Name (FQDN) that resolves to that IP address.
NetBIOS name: NetBIOS (Network Basic Input Output System) is an Advanced
Programming Interface (API) used by LANs (Windows-based LANs at least, maybe others) that
adds network functionality. The NetBIOS name (I’ll also refer to it as machinename
quite a bit, and sometimes servername) is the name associated with each computer on
the LAN. In Win9x, it’s the name you’ve put in the ‘Identification’
tab under ‘Network Properties’. In Win2000, it’s the first part of the FQDN
that you’ve entered in the ‘Network Identification’ tab under ‘System
Properties’.
Resolve/resolution: IP addresses are said to resolve to hostnames and vice
versa. In the example above, the IP address 127.0.0.1 resolves to the hostname localhost.
Try it and see...open a Command Prompt (DOS Prompt) and type ping localhost and hit
Enter. Ping should report back “Pinging hostname [127.0.0.1] with 32 bytes of
data”, along with the rest of the stuff we discussed above.
UNC Path: The Universal Naming Convention path in the form \\servername\sharename\
where servername is the NetBIOS name of the computer containing the shared
resource. This can be extended to \\servername\sharename\directory\filename.
Gateway: A gateway, for the purposes of this article, is combination of hardware
and software that connects your machine to the Internet. Any packets not destined for the
local LAN are sent to the gateway.
DHCP: Dynamic Host Configuration Protocol lets a DHCP server dynamically assign
IP addresses, gateways and DNS server numbers.
Let’s look at a theoretical network:
Figure2
Please note that I’ve used fictitious hostnames and IP addresses (except for http://www.bitzenbytes.com/)
for the purposes of this article. Your names and numbers will be different.
Think about what happens when you type a website into your browser, say http://www.bitzenbytes.com./
Your machine contacts your DNS server to resolve http://www.bitzenbytes.com/ to its IP address,
63.74.92.232. Your machine then attempts to contact 63.74.92.232 and, once the connection
is made, requests the default web page, usually index.htm (or .html, or shtml, etc.). The
webserver containing that page transmits it to your machine where it appears in your
browser.
You can use ping to verify the connections between your operating system and
your NIC, and between your computer and every other node on the internet.
Here are the basic steps, using the diagram above, assuming that I am testing from
noclue1:
- Verify the loopback address: ping 127.0.0.1
- Verify the connection to your IP address: ping 68.999.999.990
- Verify the connection to another node on the LAN: ping 68.999.999.991
- Verify the connection to the gateway: ping 68.999.999.1
- Verify the connection to a node on a different network: ping 63.74.93.239
For each of these ping tests, you should have 4 replies.
Any of the IP addresses in these tests above can be replaced by the hostname or NetBIOS
name (LAN only), for instance:
These can be especially helpful in troubleshooting resolution issues. For example, if I
could ping 63.74.92.232 successfully (and get 4 replies) but I could not ping http://www.bitzenbytes.com/,
it would indicate that my DNS server was down, or that I had the wrong settings in Network
Properties (or that the wrong settings were assigned by the DHCP server).
I mentioned that these numbers are fictitious, and your numbers will be different, but
how do you find out what numbers to use? Here’s what I do:
Open a command (DOS) prompt. Type in ipconfig /all and hit Enter. This will give
you your current IP address, subnet mask, gateway, DHCP server and DNS servers. Jot this
stuff down. Keep it in a safe place.
For hostname assigned to your IP address, type in tracert yourIPaddress,
replacing, of course, yourIPaddress with the address you wrote down in the previous
step.
To get the IP address and hostname of your mail server, ping the name you have in your
email program's server settings; for instance, one of my settings just has
‘mail’ (Comcast, for the time being at least, will normally resolve
‘mail’ to your assigned mail server). I would type ping mail.
Keep all these hostnames and IP addresses handy. There may come a time when you will
need them to troubleshoot your connection.
For more information on the ping command, check out the Windows Help file.
That’s enough for part 1. Next time we’ll dig a little deeper into the ipconfig,
tracert and nslookup commands. |
Forums 
