Shulou(Shulou.com)06/01 Report--

A mature network management organization generally has a complete set of fault management logging mechanism, at the same time, people also take the lead to introduce expert system and artificial intelligence technology to the network fault management center. But for most people who are new to the network, this is a bit too complicated, but it doesn't matter. Let me sum up the methods and experience of network troubleshooting and troubleshooting for network managers and rookies.

According to the nature of the network fault, we can divide the network fault into physical fault and logical fault, and according to the object of the network fault, we can divide the network fault into line fault, routing fault and host fault.

The following first introduces the physical and logical faults according to the different nature of network faults.

1. Physical fault

Physical failure refers to damage to equipment or lines, loose plugs, serious electromagnetic interference on lines, and so on. For example, when a network manager finds that a certain line of the network is suddenly interrupted, they first use ping or fping to check whether the line is connected on this side of the network management center.

The format of ping is: pingwww.cisco.com or ping 192.168.0.1 (192.168.0.1 is the IP address, which can be the IP of the host or the IP of another computer in the network). Generally, ping can only detect connectivity from one end to the other at a time, but cannot detect connectivity from one end to more than one end at a time, but fping can ping multiple IP addresses at a time, such as the entire network segment address of Class C. By the way, network administrators often find that someone scans a large number of IP addresses of the network in turn, not necessarily *, fping can also do it. If the "Requst time out" message appears several times in ping, it indicates that the network is not working. At this time to check whether the port plug is loose, or network plug misconnection, this situation is often not clear about the network plug specifications or do not understand the network topology planning.

In another case, if two routers Router are directly connected, the exit of one router should be connected to the entrance of the other router, and the entrance of this router should be connected to the exit of the other router. Of course, hub Hub, switch, and multiplexer must also be connected correctly, otherwise it will also cause network outage. There are also some network connection failures appear to be very hidden, to diagnose this kind of fault there is no particularly good tool, we can only rely on experienced network managers.

two。 Logic fault

The most common case of logic failure is configuration error, which refers to the network exception or failure caused by the configuration of network equipment. The configuration error may be due to the missetting of the router port parameters, or the misconfiguration of the router route so that the route loop or the remote address cannot be found, or the routing mask is misset. For example, if there is also a line failure in the network, and the line has no traffic, but can ping the ports at both ends of the line, it is very likely that the routing configuration is wrong. In this case, we usually use the "route tracker" is traceroute, which is similar to ping, the biggest difference is that traceroute divides the end-to-end line into multiple segments according to the router through which the line passes, and then returns the response and delay with each segment. If it is found that two IP addresses appear in a loop after a certain segment of the traceroute result, it is generally the far end of the line that points the port route to the near end of the line, causing IP packets to be passed back and forth on the line. Fortunately, traceroute can detect which router can respond normally, and which router can not respond properly. At this point, you only need to change the port configuration of the remote router to restore the line to normal.

Another type of logic failure is some important process or port shutdown, and the system load is too high. For example, the line is also interrupted, there is no traffic, using ping to find that the line port is not available, inspection found that the port is in the state of down, which means that the port has been closed, resulting in failure. At this point, you only need to restart the port to restore the connectivity of the line. Another common situation is that the router load is too high, such as the router CPU temperature is too high, the CPU utilization is too high, and there is too little memory left, and so on. If this affects the quality of network service, the most direct and best way is to replace the router, of course, for a better one. (if you have any silver)

According to the different objects of the fault, network fault can also be divided into: line fault, routing fault and host fault.

1. Line fault

The most common situation of line failure is that the line is blocked. To diagnose this situation, first check whether the traffic on the line still exists, then use ping to check whether the router port at the far end of the line can respond, use traceroute to check whether the router configuration is correct, and find out the problems to be solved one by one. The method has been mentioned earlier, so I won't say much here.

two。 Router failure

In fact, many cases of line failures involve routers, so some line failures can also be attributed to router failures. To detect this fault, it is necessary to use MIB variable browser to collect router routing table, port flow data, billing data, router CPU temperature, load and router memory spare data. Usually, the network management system has a special management process to constantly detect the key data of the router and give the alarm in time. The high utilization of router CPU and the small amount of router memory will directly affect the quality of network service. To solve this problem, we can only upgrade the router, expand the memory, or replan the network topology.

3. Host fault

The common phenomenon of host failure is the improper configuration of the host. For example, the IP address configured by the host conflicts with other hosts, or the IP address root is not in the subnet range, resulting in the host being unable to connect. Another fault of the mainframe is the security failure. For example, the host does not control the redundant services such as finger,RPC,rlogin on it. The attackers can use the normal service of these redundant processes or bug*** the host, or even get the permission of Administrator, and so on. It is also worth noting that do not easily share the local hard disk, as this will cause malicious people to illegally exploit the resources of the host. It is generally difficult to find the failure of the host, especially the malicious ones of others. Possible vulnerabilities can generally be prevented by monitoring host traffic, or by scanning host ports and services. Finally, I would like to remind you not to forget to install the firewall, because this is the easiest and safest way.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.