IN THIS CHAPTER

Troubleshooting with Windows Network Diagnostics

Repairing individual network connections on Windows Server

Identifying and fixing common network configuration errors

Troubleshooting with command-line utilities

Using third-party troubleshooting tools

It never fails: It’s Friday and you’re getting ready to head home. Just as you’re leaving, you get a call that there is a networking issue on one or more of your servers. Maybe your systems are down. Maybe they’re intermittently up and down. Your mission, should you choose to accept it (do you have a choice?), is to find the issue and fix it.

This chapter covers some of the built-in troubleshooting capabilities of the operating system and some of the more common configuration issues you may experience with new systems and older systems.

Using Windows Network Diagnostics

Sometimes the network issue is super obvious, and sometimes it isn’t. For instance, your server may indicate that its network cable is unplugged, yet when you look, there is still a cable plugged in. That could mean you have a bad cable. a bad switchport, or a bad network interface card (NIC) on the server. Those are hardware issues, and unfortunately, you’re on your own when you’re troubleshooting hardware issues. Software issues on the other hand, can be addressed with the Microsoft Windows Network Diagnostics. Follow these steps:

1. Click the Start menu, and then click the gear icon for the Settings menu.
2. Click Network & Internet.

3. On the Status page, scroll down and select Network Troubleshooter.

   The wizard searches for and tries to fix the issue. If it doesn’t find anything wrong, you see a screen similar to Figure 4-1.

4. Click Close to close out of the troubleshooter.

There is an additional method to launch an Internet-specific troubleshooting tool. This tool is not focused on internal network issues. It’s focused specifically on Internet connectivity issues. To get to the Internet Connections troubleshooting tool, follow these steps:

1. Click the Start menu, and then click the gear icon for the Settings menu.
2. Click Update & Security.

3. Select Troubleshoot.

   The Troubleshoot utility runs and lets you know if it finds anything.

4. If it doesn’t find anything wrong, you can click the Additional Troubleshooters link, where you gain access to a wide array of troubleshooting utilities, shown in Figure 4-2.
5. Click Close to close out of the troubleshooter.

Repairing Individual Connections

You can work directly with the network adapter that is having the issue. This can be very beneficial if a system has multiple network adapters and you need to test them one at a time. The software utility that Microsoft provides is pretty good at finding software issues like disabled adapters and misconfigurations. Follow these steps:

1. Click the Start menu, and then click the gear icon for the Settings menu.
2. Click Network & Internet.
3. On the Status page, scroll down and select Change Adapter Options.

4. Right-click the network adapter you want to check and select Diagnose.

   The Windows Network Diagnostics wizard launches and tries to find an error. If it’s successful, it will let you know what issue it found. In my example in Figure 4-3, it has found that the network adapter is disabled and has fixed the issue by re-enabling the adapter.

Of course, just because a system is having a network issue, it doesn’t mean that there is a software issue. Hardware issues can be harder to track down because the troubleshooting utility won’t really be able to help. Here are some common issues that can affect the network connections on a system:

• Bad cable: Ethernet cables have a piece of copper running down the middle of the cable. Fiber-optic cable has glass fibers running down the length of the cable. If the medium used for transmission is damaged, you’ll lose your connections. Look out for kinks in the cable and sharp bends. Look for areas where the cable appears to have been stretched. The fix for this issue is to replace the damaged cable.
• Bad cable connectors: The connectors on the cables can go bad as well. The connectors used with Ethernet and with fiber-optic cabling are usually made out of plastic. They can crack if too much strain is put on them. The medium inside of the cable may become disconnected if the cable is pulled on rather than the connector. Fixing this issue is simple if you have the right tools. To replace the connector on an Ethernet cable, all you need to do is strip back the UTP cabling and press the eight wires into their appropriate channels. The inner wires are color coded; make sure that you’re following the right standard, or the new connector won’t work. Replacing the connector on a fiber-optic cable is a little more complicated. You have to cut the fiber-optic cable and polish the glass end. Repairing fiber is easier to leave to the pros when you can.
• Faulty switchport: The switchport that the system is connected to may be having issues. Sometimes ports can go bad, or a network administrator may have mistakenly turned off the port. To see if this is the issue, have the network administrator see if the port is up. If it isn’t, have the network administrator re-enable it. If the port should be up but it’s not working, you can move the cable to a different network port on the switch once your network administrator gets it set up for you.
• Bad NIC: If your NIC goes bad, you’ll need to replace it. Unfortunately, this means that your system will need to be powered down so that you can replace the card.

Network Troubleshooting at the Command Line

If the Windows Network Diagnostics Wizard doesn’t find anything wrong, there are a few more things you can try. Each of the following commands needs to be run in the Command Prompt. Follow these steps:

1. Click Start and scroll down to Windows System.
2. Click Command Prompt and try each of the following commands (in this order):

   1. Reset the Transmission Control Protocol/Internet Protocol (TCP/IP) stack.

      netsh winsock reset

      netsh int ip reset

   2. Release your old IP address.

      ipconfig /release

   3. Renew your IP address.

      ipconfig /renew

   4. Flush your Domain Name System (DNS) cache on your system.

      ipconfig /flushdns

There are a few additional commands that can be useful when troubleshooting from the Command Prompt.

• ping: The ping command gives you simple feedback. It lets you know how many packets it sent, how many packets it received, and what the latency was between the sending and receiving. By default, ping will send four packets, but you can adjust the number of pings, or make it a continuous ping if needed. (See Figure 4-4 for an example of ping.)
• tracert: The tracert (trace route) utility can help you pinpoint where a problem exists. It reports back along each hop until it gets to the destination that you specified. By default, it will go to a max of 30 hops.
• pathping: Works very similar to the tracert command and can provide information about network latency and network packet loss.
• telnet: Can be used to test if a certain port is open. You need to have the Telnet client installed for this to work. Your security team may not be happy to find Telnet on a system, so make sure that you aren't violating company policy by installing it. Many systems have been configured to not display banners — if you don’t get an error, you were probably successful in connecting to whichever resource you wanted to test.

Working with Windows Firewall

Network issues can be very frustrating to troubleshoot. You may find that everything looks just fine, and you aren’t sure what’s happening. If you suspect that Windows Firewall is the issue, you can use Event Viewer to see if Windows Firewall has blocked traffic to or from your server. Follow these steps:

1. From Server Manager, choose Tools⇒  Event Viewer.
2. Double-click Applications and Services Log to expand it.
3. Click Microsoft, Windows, and Windows Firewall with Advanced Security.

4. Double-click Firewall.

   When the Windows Firewall blocks something, you’ll see a message similar to Figure 4-5.

If you can’t find anything that was blocked, you can temporarily turn off Windows Firewall to see if that will resolve the issue. Just make sure that doing so isn’t against organizational policy before you attempt it.

To turn off the firewall, follow these steps:

1. Click the Start menu, scroll down to Windows System, and choose Command Prompt.
2. Type the following command and press Enter.

   netsh advfirewall set allprofiles state off

To turn the firewall back on, follow these steps:

1. Click the Start menu, scroll down to Windows System, and choose Command Prompt.
2. Type the following command and press Enter.

   netsh advfirewall set allprofiles state on

Making Sense of Common Configuration Errors

Server hardware is usually pretty reliable. Some issues may be caused by problematic hardware, but most often the issue stems from a misconfiguration of some kind.

In the following sections, I walk you through some common issues that system administrators have to deal with.

Working with Other Troubleshooting Tools

Some third-party utilities can be very handy in helping you find network issues. Table 4-1 lists a few of my favorites. Some are free, and some cost money. In general, free products may have no or limited support, so you may want to consider that if you choose to look at third-party tools.