Lesson 21. Troubleshoot Network Issues

This lesson builds on the network topics covered in Lesson 19, “Manage Basic Network Settings,” and Lesson 20, “Manage Advanced Network Settings.” A solid understanding of general network technologies and the macOS network configuration architecture is necessary to effectively troubleshoot network issues from a Mac. This lesson first covers general network troubleshooting and common network issues. Then, digging deeper, you will learn how to use the built-in macOS network troubleshooting tools, including the Network Diagnostics and Network Utility applications.

To help isolate network issues, you can categorize them into three general areas:

Local issues—These are usually related to either improperly configured network settings or disconnected network connections.

Network issues—These are by far the hardest to pinpoint—literally hundreds of points of failure could be involved. It always helps to be familiar with the physical topology of your network. Start by checking the devices that provide network access closest to your Mac. Something as simple as a bad Ethernet port on a network switch can cause problems. As you move on to investigating devices farther away from your Mac, you will find that it’s often easiest to start your investigation using the network diagnostic utilities included with macOS.

Service issues—These issues are related to the actual network device or service you are trying to access. For example, the devices providing DHCP or DNS services could be temporarily down or improperly configured. It’s often easy to determine whether the problem is with the service alone by testing other network services. If the other network services work, you’re probably not dealing with network or local issues. Again, macOS provides some useful diagnostic tools for testing service availability. Troubleshooting network services is also covered in Lesson 22, “Manage Network Services.”

You will be using three main tools for diagnosing network issues in macOS: Network preferences, Network Diagnostics, and Network Utility.

Network status indicators are as follows:

Green—The connection is active and configured with TCP/IP settings. This, however, does not guarantee that the service is using the proper TCP/IP settings.

Yellow—The connection is active but the TCP/IP settings are not properly configured. If you are still experiencing problems with this service, double-check the network settings. If the settings appear sound, move on to the other diagnostic utilities.

Red—This status usually indicates either improperly configured network settings or disconnected network interfaces. If this is an always-on interface, check for proper physical connectivity. If this is a virtual or Point-to-Point Protocol connection, double-check the settings and attempt to reconnect.

You should also verify the Ethernet status from Network preferences, as detailed in the next section. Also, keep an eye out for substandard Ethernet cabling or problematic switching hardware. A symptom of these issues would be a large number of packet errors, which you can verify with Network Utility, as covered later in this lesson.

You may also find that while the Ethernet switch registers a link, Network preferences still shows the link as down. This issue may be resolved by manually setting a slower speed in the advanced hardware settings of Network preferences, as covered in Lesson 20, “Manage Advanced Network Settings.”

The Wi-Fi status menu can also serve as a diagnostic tool if you hold down the Option key when choosing this menu item. This view shows connection statistics for the currently selected Wi-Fi network. Of particular note is the Tx Rate entry, which shows (in megabits per second) the current data rate for the selected Wi-Fi network. The Wi-Fi status menu is capable of other diagnostic tricks, including helping you quickly identify network issues and opening the Wireless Diagnostics application.

Opening the Wireless Diagnostics application reveals an assistant interface. The first feature of the Wireless Diagnostics application is to create and save a diagnostic report archive. The creation of the diagnostic report requires administrator authentication, but it will collect a huge amount of information about the Mac computer’s wireless and network configuration. The resulting compressed archive will automatically appear only in the /var/tmp folder.

The wireless diagnostics archive contains relevant files that would help experienced technical support staff diagnose a tricky connection issue. Of course, you can certainly expand the archive generated by the Wireless Diagnostics application and explore the contents on your own. However, the details of the collected items are beyond the scope of this guide.

Despite the potential complexity of the diagnostic reports, in the Wireless Diagnostics application you’ll also find a variety of additional advanced wireless network utilities. Whenever you have the application open, you can reveal these additional utilities from the Window menu.

Again, descriptions of detailed use of these advanced wireless tools are beyond the scope of this guide. However, when working with wireless vendors or support specialists in trying to resolve tricky wireless issues, you will find that these wireless utilities are extremely valuable. For example, the Performance window provides a real-time view of the radio signal quality. With the wireless performance utility open, you can physically move a Mac portable device around an area to identify wireless “dead zones.”

Self-assigned address configuration is always in the IP address range of 169.254.xxx.xxx, with a subnet mask of 255.255.0.0 and lacking a router address. The network client automatically generates a random self-assigned address and then checks the local network to make sure no other network device is using that address.

Once a unique self-assigned address is established, the network client can establish connections only with other network devices on the local network. Consequently, a client configured with a self-assigned address may be able to communicate with other devices on the LAN, but it doesn’t have access to WAN or Internet resources.

Though it’s rare, the macOS DNS resolution services can sometimes cache out-of-date DNS information and return inaccurate results. If you suspect your DNS issues are due to old information, you can either restart the Mac or flush the DNS service caches. You can find out more about this process from Apple Support article HT202516, “Reset the DNS cache in OS X.”

Network Diagnostics Assistant asks you a few simple questions about your network setup, and then, based on your answers, it runs a battery of tests to determine where the problem might be occurring. Test results are displayed using colored indicators on the left side of the window. If there are problems, the assistant makes suggestions for resolution.

Network Utility provides a selection of popular network identification and diagnostic tools. In fact, most of the tools in Network Utility are based on UNIX command-line network utilities that have been used by network administrators for years.

Network Utility is broken up into the following sections:

Info—Allows you to inspect details regarding hardware network interfaces

Netstat—Shows routing information and network statistics

Ping—A fundamental network troubleshooting tool that lets you test network connectivity and latency

Lookup—Lets you test DNS resolution

Traceroute—Helps you analyze how your network connections are routed to their destination

Whois—Lets you query whois database servers and find the owner of a DNS domain name or IP address of registered hosts

Finger—Enables you to gather information based on a user account name from a network service

Port Scan—A handy tool for determining whether a network device has services available

Network Utility can also be opened when your Mac is started from macOS Recovery, as covered in Lesson 3, “Use macOS Recovery.” Whenever the Mac is started from macOS Recovery, you can open Network Utility by choosing it from the Utilities menu. However, when running from a macOS Recovery system, you do not have access to Network preferences. This means the Mac does not automatically activate built-in wired Ethernet connections and attempt to acquire configuration via DHCP. Alternatively, the Wi-Fi status menu is available, allowing you to temporarily connect to wireless networks.

Start by selecting the specific interface you’re having issues with from the pop-up menu. You’ll notice that the selections here do not necessarily match the service names given in Network preferences. Instead, this menu shows the interfaces using their interface type and UNIX-given names.

Once you have selected an interface, you can view general interface information to the left and transfer statistics to the right. The primary pieces of information you’re looking for here are link status, link speed, and IP address(es). Only active hardware network interfaces show as such, and the link speed indicates whether the interface is establishing a proper connection. Obviously, a proper IP address is required to establish a TCP/IP connection. You can also identify the selected interface’s MAC address, which is used to identify this particular interface on the LAN.

As a final validation of the selected network interface, you can view recent transfer statistics. If you open other network applications to stir up some network traffic, you can verify that packets are being sent and received from this interface. If you are seeing activity here but still experiencing problems, the issue is most likely due to a network or service problem and not the actual network interface. Or, if this interface is experiencing transfer errors, a local network hardware connectivity issue may be the root of your problem.

To resolve hardware network interface issues, always start by checking the physical connection. With wired networks, try different network ports or cabling to rule out physical connection issues. With wireless networks, double-check the Wi-Fi settings and the configuration of any wireless base stations. On rare occasions, you may find that the Mac computer’s network hardware is somehow no longer working properly, in which case you should take your Mac to an Apple Authorized Service Provider.

To use ping, open Network Utility and then click the Ping tab. Start by entering an IP address to a device on the LAN that should always be accessible, like the network router. Remember that using a domain name assumes that your Mac is properly communicating with a DNS server, which might not be the case if you’re troubleshooting connectivity issues.

Click the Ping button to initiate the ping process. If the ping is successful, it returns the amount of time it took for the ping to travel to the network device and back. This is typically within milliseconds; experiencing ping times any longer than a full second is unusual.

Once you have established successful pings to local devices, you can branch out to WAN or Internet addresses. Using the ping tool, you may find that everything works except for the one service you were looking for that prompted you to start troubleshooting the network.

To verify DNS lookup, open Network Utility and then click the Lookup tab. Start by entering the host name of a device or service in your local domain. If you can resolve local host names but not Internet host names, this indicates that your local DNS server is resolving local names but is not properly connecting to the worldwide DNS network. If you don’t have a local domain, you can use any Internet host name.

Click the Lookup button to initiate the network lookup process. A successful forward lookup returns the IP address of the host name you entered. A successful reverse lookup returns the host name of the IP address you entered. If you are unable to successfully return any lookups, your Mac is not connecting to the DNS server. You can verify this by pinging the DNS server IP address to test for basic connectivity.

To verify a network TCP/IP route, open Network Utility and then click the Traceroute tab. Start by entering an IP address to a device on the LAN that should always be accessible, like the network router. Remember that using a domain name assumes that your Mac is properly communicating with a DNS server, which might not be the case if you’re troubleshooting connectivity issues.

Click the Trace button to initiate the traceroute process. If traceroute is successful, it returns with the list of routers required to complete the connection and the amount of time it took for the ping to travel to each network router. It sends three probes at each distance, so three times are listed for each hop. Again, the delay is typically measured in milliseconds; experiencing delay times of any longer than a full second is unusual.

Once you have established successful routes to local devices, you can branch out to WAN or Internet addresses. Using the traceroute tool, you may find that a specific network router is the cause of the problem.

Network connectivity issues can be complex, but familiarity with the arsenal of tools included in macOS will help you develop a solid plan of attack for their resolution. In this exercise, you will misconfigure your network settings and then use the built-in troubleshooting tools in macOS to see how they show the symptoms of the problem and allow you to isolate the problem.

2 If necessary, open the Network pane in System Preferences, and authenticate as Local Admin.

3 Note the currently selected location so that you can return to it at the end of the exercise.

4 From the Location pop-up menu, choose Edit Locations.

5 Select the current location, and then choose Duplicate Location from the Action (gear icon) pop-up menu below the location list.

6 Name the new location Broken DNS, and then click Done.

7 Switch to the Broken DNS location, if necessary.

8 Click Apply.

9 Select the primary network service (the one at the top of the list on the left), and click Advanced.

10 Click DNS.

11 Click the Add (+) button under the DNS Servers list, and add the server address 127.0.0.55.

No DNS server is available at this address. The 127.0.0 prefix is reserved for computers to talk to themselves (known as local loopback addresses), but macOS uses only 127.0.0.1 for this. As a result, this is effectively an invalid address.

12 If there are any other entries in the DNS Servers list, make a note of them so you can add them back later, and then use the Delete (–) button to remove them.

13 Click TCP/IP.

14 From the Configure IPv6 pop-up menu, choose “Link-local only.”

This will prevent IPv6 from acting as an alternate Internet connection.

15 Click OK, and then click Apply.

2 Enter www.apple.com in the address bar, and press Return.

Safari attempts to load the webpage, but its progress bar does not get far because it is not able to reach anything. If you leave it long enough, it will eventually give up and display an error, but you do not need to wait for this.

3 Quit Safari.

1 If necessary, open System Preferences, and select the Network pane.

2 Examine the status indicators next to the network services, as well as the order in which they appear in the list.

If the network service you expected to be active were not showing a green status indicator, it would immediately tell you that something was wrong with the connection (loose cable, not joined to wireless network, and so on) or that critical settings were missing (no IP address, and so on).

If the wrong service were at the top of the list, it would indicate either that the service order was set incorrectly or that unexpected services were active.

In this case, the expected service is green and at the top of the list, so more detailed troubleshooting is necessary.

1 In Network preferences, click Assist Me near the bottom of the window.

A dialog asks if you want assistance setting up a new network configuration or solving a network problem.

2 Click Diagnostics.

Network Diagnostics opens and automatically runs a series of automated tests. Several status indicators show the results.

In the following example, the Wi-Fi, Wi-Fi Settings, Network Settings, and ISP tests passed (that is, there is a live Wi-Fi connection, it has network settings associated with it, and it can reach as far as your Internet provider), but the Internet and Server tests failed. Your results may differ depending on what type of connection you have.

The Network Diagnostics tool gives a little more information about what parts of your network connection are working and which aren’t, and may even identify the cause of the problem. You could use Network Diagnostics to troubleshoot and repair this, but instead you will take this opportunity to see what Network Utility can show.

3 Quit Network Diagnostics.

Network Utility is in /System/Library/CoreServices/Applications, but you can launch it easily with Spotlight.

1 Press Command-Space bar to activate Spotlight.

2 Enter network, and then click Network Utility in the search results. Note that it may not be the first result.

3 In Network Utility, click the Ping tab.

4 In the “Enter the network address to ping” field, type the domain name of the server you are trying to reach (www.apple.com).

5 Enter 5 in the “Send only” field, and make sure it is selected.

6 Click the Ping button.

After about 30 seconds, you receive a message telling you that it could not resolve www.apple.com. This message indicates that the ping tool was not able to use DNS to look up, or resolve, the name www.apple.com and match it to an IP address to send the ping to. In this case, you know that the name www.apple.com is valid because you have used it before, so this indicates that something is wrong with DNS.

Although this gives you some more information about the problem, it still does not tell you where the problem is. It can be hard to tell the difference between a DNS problem and a complete network failure. If DNS resolution is the only thing failing, it can mimic a complete failure because almost all network access starts with (and depends on) a DNS lookup. On the other hand, if the network is completely disconnected, most attempts to use the network fail at the DNS step, so the only visible symptoms will be DNS errors.

One good way to distinguish between a DNS-only problem and a complete network failure is to try to reach a server by its numeric IP address. This bypasses the usual DNS lookup and hence works even if DNS is broken.

7 In the “Enter the network address to ping” field, enter the numeric IP address 8.8.8.8. This is an easy-to-remember address of a public server maintained by Google.

8 Click Ping.

This time, ping reaches the remote computer successfully and shows statistics for its five test pings.

This tells you that your basic network connectivity is OK; it is likely just DNS that is not working.

1 In Network Utility, click the Lookup tab.

2 In the “Enter an internet address to lookup” field, enter the address www.apple.com.

3 Click Lookup.

After about 30 seconds, you receive a message that the operation couldn’t be completed. This is essentially the same result you got with the ping tool.

Unlike the Broken DNS location, this one has valid settings, so your Internet connectivity should be back to normal.

2 In the Network Utility, click Lookup again.

This time the lookup tool reaches a DNS server and finds the IP address corresponding to the domain name www.apple.com.

Note that the address you see may be different from the one shown here because the Apple website is served by a number of servers scattered around the Internet and uses DNS to direct you to a server near your network location for faster access.

If you knew what specific address the name should resolve to, you could verify that, but the fact that it resolved to an IP address at all is a good indication that DNS is working.

3 Open Safari, and try browsing a website.

This time, Safari is able to successfully load webpages from the Internet.

1 Switch to Network Utility, and click the Info tab.

2 Select your computer’s primary network interface from the pop-up menu.

The left side of the pane shows information about the active network connection, and the right side shows statistics about the network packets sent and received through this interface.

3 Arrange the Safari and Network Utility windows so that Safari is in front but not blocking the Transfer Statistics section of the Network Utility window.

4 In Safari, press Command-R to reload the current page.

The Sent Packets and Recv Packets entries increase while Safari reloads the current page.

5 In Network Utility, select another network interface from the pop-up menu.

6 Switch to Safari, and reload the current page.

The packet counts for this interface might increase slightly because of miscellaneous network chatter but should not respond specifically to refreshing in Safari.

You can use this feature of Network Utility to see which network interface your connections are actually running through.

7 Quit Safari, Network Utility, and System Preferences.