Troubleshooting IP Addressing
Troubleshooting IP addressing is obviously an important skill because running into trouble somewhere along the way is pretty much a sure thing, and it's going to happen to you. No, I'm not a pessimist; I'm just keeping it real. Because of this nasty fact, it will be great when you can save the day because you can both figure out (diagnose) the problem and fix it on an IP network whether you're at work or at home!
So, this is where I'm going to show you the “Cisco way” of troubleshooting IP addressing. Let's use the following as an example of your basic IP troubleshooting—poor Sally can't log in to the Windows server. Do you deal with this by calling the Microsoft team to tell them their server is a pile of junk and causing all your problems? Probably not such a great idea—let's first double-check our network instead.
Okay, let's get started by going over the troubleshooting steps that Cisco follows. They're pretty simple but important nonetheless. Pretend you're at a customer host, and they're complaining that they can't communicate to a server that just happens to be on a remote network. Here are the four troubleshooting steps Cisco recommends:
- Open a command prompt window and ping 127.0.0.1. This is the diagnostic, or loopback, address, and if you get a successful ping, your IP stack is considered to be initialized. If it fails, then you have an IP stack failure and need to reinstall TCP/IP on the host.
C:>ping 127.0.0.1 Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
- From the command window, ping the IP address of the local host. If that's successful, your network interface card (NIC) is functioning. If it fails, there is a problem with the NIC. Success here doesn't mean that a cable is plugged into the NIC, only that the IP protocol stack on the host can communicate to the NIC (via the LAN driver).
C:>ping 172.16.10.2 Pinging 172.16.10.2 with 32 bytes of data: Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Ping statistics for 172.16.10.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms - From the command prompt window, ping the default gateway (router). If the ping works, it means that the NIC is plugged into the network and can communicate on the local network. If it fails, you have a local physical network problem that could be anywhere from the NIC to the router.
C:>ping 172.16.10.1 Pinging 172.16.10.1 with 32 bytes of data: Reply from 172.16.10.1: bytes=32 time<1ms TTL=128 Reply from 172.16.10.1: bytes=32 time<1ms TTL=128 Reply from 172.16.10.1: bytes=32 time<1ms TTL=128 Reply from 172.16.10.1: bytes=32 time<1ms TTL=128 Ping statistics for 172.16.10.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms - If steps 1 through 3 were successful, try to ping the remote server. If that works, then you know that you have IP communication between the local host and the remote server. You also know that the remote physical network is working.
C:>ping 172.16.20.2 Pinging 172.16.20.2 with 32 bytes of data: Reply from 172.16.20.2: bytes=32 time<1ms TTL=128 Reply from 172.16.20.2: bytes=32 time<1ms TTL=128 Reply from 172.16.20.2: bytes=32 time<1ms TTL=128 Reply from 172.16.20.2: bytes=32 time<1ms TTL=128 Ping statistics for 172.16.20.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
If the user still can't communicate with the server after steps 1 through 4 are successful, you probably have some type of name resolution problem and need to check your Domain Name System (DNS) settings. But if the ping to the remote server fails, then you know you have some type of remote physical network problem and need to go to the server and work through steps 1 through 3 until you find the snag.
Before moving on to determining IP address problems and how to fix them, I just want to mention some basic DOS commands that you can use to help troubleshoot your network from both a PC and a Cisco router (the commands might do the same thing, but they are implemented differently).
Packet InterNet Groper (ping) Uses ICMP echo request and replies to test if a node IP stack is initialized and alive on the network. Does a basic test of the host's TCP/IP protocol stack. If you want to test your host's IP stack, you would ping 127.0.0.1.
traceroute Displays the list of routers on a path to a network destination by using TTL timeouts and ICMP error messages. This command will not work from a command prompt.
tracert Same command as traceroute, but it's a Microsoft Windows command and will not work on a Cisco router. It is critical that you remember where the commands traceroute and tracert are used.
telnet Tests the virtual teletype (VTY) configuration. Makes your host a dumb host and allows you to run programs on a remote host. If you can telnet from one host to another, both hosts have good TCP/IP connectivity.
arp -a Displays IP-to-MAC-address mappings on a Windows PC.
show ip arp Same command as arp -a, but displays the ARP table on a Cisco router. Like the commands traceroute and tracert, they are not interchangeable through DOS and Cisco.
ipconfig /all Used only from a Windows command prompt and displays the PC network configuration.
Once you've gone through all these steps and used the appropriate commands, if necessary, what do you do if you find a problem? How do you go about fixing an IP address configuration error? Let's move on and discuss how to determine the IP address problems and how to fix them.
Determining IP Address Problems
It's common for a host, router, or other network device to be configured with the wrong IP address, subnet mask, or default gateway. Because this happens way too often, I'm going to teach you how to both determine and fix IP address configuration errors.
Once you've worked through the four basic steps of troubleshooting and determined there's a problem, you obviously then need to find and fix it. It really helps to draw out the network and IP addressing scheme. If it's already done, consider yourself lucky and go buy a lottery ticket, because although it should be done, it rarely is. And if it is, it's usually outdated or inaccurate anyway. Typically it is not done, and you'll probably just have to bite the bullet and start from scratch.
I'll show you how to draw out your network using CDP in Chapter 5, “Managing a Cisco Internetwork.”
Once you have your network accurately drawn out, including the IP addressing scheme, you need to verify each host's IP address, mask, and default gateway address to determine the problem. (I'm assuming that you don't have a physical problem or that if you did, you've already fixed it.)
Let's check out the example illustrated in Figure 3.3. A user in the sales department calls and tells you that she can't get to ServerA in the marketing department. You ask her if she can get to ServerB in the marketing department, but she doesn't know because she doesn't have rights to log on to that server. What do you do?
FIGURE 3.3 IP address problem 1
You ask the client to go through the four troubleshooting steps that you learned about in the preceding section. Steps 1 through 3 work, but step 4 fails. By looking at the figure, can you determine the problem? Look for clues in the network drawing. First, the WAN link between the Lab_A router and the Lab_B router shows the mask as a /27. You should already know that this mask is 255.255.255.224 and then determine that all networks are using this mask. The network address that is subnetted is 192.168.1.0. What are our valid subnets and hosts? 256 − 224 = 32, so this makes our subnets 32, 64, 96, 128, and so on. So, by looking at the figure, you can see that subnet 32 is being used by the sales department, the WAN link is using subnet 96, and the marketing department is using subnet 64.
Now you have to determine what the valid host ranges are for each subnet. From what you learned at the beginning of this chapter, you should now be able to easily determine the subnet address, broadcast addresses, and valid host ranges. The valid hosts for the Sales LAN are 33 through 62—the broadcast address is 63 because the next subnet is 64, right? For the Marketing LAN, the valid hosts are 65 through 94 (broadcast 95), and for the WAN link, 97 through 126 (broadcast 127). By looking at the figure, you can determine that the default gateway on the Lab_B router is incorrect. That address is the broadcast address of the 64 subnet, so there's no way it could be a valid host.
Did you get all that? Maybe you should try another one, just to make sure. Figure 3.4 shows a network problem. A user in the Sales LAN can't get to ServerB. You have the user run through the four basic troubleshooting steps and find that the host can communicate to the local network but not to the remote network. Find and define the IP addressing problem.
FIGURE 3.4 IP address problem 2
If you use the same steps used to solve the previous problem, you can see first that the WAN link again provides the subnet mask to use—/29, or 255.255.255.248. You need to determine what the valid subnets, broadcast addresses, and valid host ranges are to solve this problem.
The 248 mask is a block size of 8 (256 − 248 = 8), so the subnets both start and increment in multiples of 8. By looking at the figure, you see that the Sales LAN is in the 24 subnet, the WAN is in the 40 subnet, and the Marketing LAN is in the 80 subnet. Can you see the problem yet? The valid host range for the Sales LAN is 25–30, and the configuration appears correct. The valid host range for the WAN link is 41–46, and this also appears correct. The valid host range for the 80 subnet is 81–86, with a broadcast address of 87 because the next subnet is 88. ServerB has been configured with the broadcast address of the subnet.
Okay, now that you can figure out misconfigured IP addresses on hosts, what do you do if a host doesn't have an IP address and you need to assign one? What you need to do is look at other hosts on the LAN and figure out the network, mask, and default gateway. Let's take a look at a couple of examples of how to find and apply valid IP addresses to hosts.
You need to assign a server and router IP addresses on a LAN. The subnet assigned on that segment is 192.168.20.24/29, and the router needs to be assigned the first usable address and the server the last valid host ID. What are the IP address, mask, and default gateway assigned to the server?
To answer this, you must know that a /29 is a 255.255.255.248 mask, which provides a block size of 8. The subnet is known as 24, the next subnet in a block of 8 is 32, so the broadcast address of the 24 subnet is 31, which makes the valid host range 25–30.
Server IP address: 192.168.20.30
Server mask: 255.255.255.248
Default gateway: 192.168.20.25 (router's IP address)
As another example, let's take a look at Figure 3.5 and solve this problem.
FIGURE 3.5 Find the valid host.
Look at the router's IP address on Ethernet0. What IP address, subnet mask, and valid host range could be assigned to the host?
The IP address of the router's Ethernet0 is 192.168.10.33/27. As you already know, a /27 is a 224 mask with a block size of 32. The router's interface is in the 32 subnet. The next subnet is 64, so that makes the broadcast address of the 32 subnet 63 and the valid host range 33–62.
Host IP address: 192.168.10.34–62 (any address in the range except for 33, which is assigned to the router)
Mask: 255.255.255.224
Default gateway: 192.168.10.33
Figure 3.6 shows two routers with Ethernet configurations already assigned. What are the possible host addresses and subnet masks of hosts A and B?
FIGURE 3.6 Find the valid host (#2).
RouterA has an IP address of 192.168.10.65/26, and RouterB has an IP address of 192.168.10.33/28. What are the host configurations? RouterA Ethernet0 is in the 192.168.10.64 subnet, and RouterB Ethernet0 is in the 192.168.10.32 network.
HostA IP address: 192.168.10.66–126
HostA mask: 255.255.255.192
HostA default gateway: 192.168.10.65
HostB IP address: 192.168.10.34–46
HostB mask: 255.255.255.240
HostB default gateway: 192.168.10.33
Just a couple more examples, and then this chapter is history. Hang in there!
Figure 3.7 shows two routers; you need to configure the S0/0 interface on RouterA. The network assigned to the serial link is 172.16.17.0/22. What IP address can be assigned?
FIGURE 3.7 Find the valid host address (#3).
First, you must know that a /22 CIDR is 255.255.252.0, which makes a block size of 4 in the third octet. Since 17 is listed (and you know that can't be the actual subnet address, but Cisco is trying to trick you), the available range is 16.1 through 19.254; so, for example, the IP address S0/0 could be 172.16.18.255 since that's within the range.
In Figure 3.8, why can't HostA communicate with HostB?
FIGURE 3.8 IP communication problem
Again, what is your mask? That is always how you should start. Then you want to figure out the block size in the interesting octet. A /27 is 255.255.255.224, which is a block size of 32 in the fourth octet. The subnets are 0, 32, 64, 96, and so on. By looking at the figure, you can see that the HostA LAN is in the 32 subnet, the WAN is in the 64 subnet, and the HostB LAN is connected to the 96 subnet. Right away you should see that the WAN connection is not configured correctly. RouterA's serial 0/0 is configured with an IP address in the HostA LAN subnet range.
Okay, last one! You have one Class C network ID, and you need to provide one usable subnet per city while allowing enough usable host addresses for each city specified in Figure 3.9. What is your mask?
FIGURE 3.9 Find the valid subnet mask.
Actually, this is probably the easiest thing you've done all day! I count 5 subnets needed and the Wyoming office needs 16 users (always look for the network that needs the most hosts). What block size is needed for the Wyoming office? 32. (Remember, you cannot use a block size of 16 because you always have to subtract 2!) What mask provides you with a block size of 32? 224. Bingo! This provides 8 subnets, each with 30 hosts.