Troubleshooting 101 Tips and Tricks

Status
Not open for further replies.

jacob200

IS-IT--Management
Sep 6, 2000
I want to get some feedback to help me put together a methodology for troubleshooting with the Sniffer Pro.
Most of the stuff out there is just basic info and IPX-based old traces. Does anyone have any tips for practical info and things they look for when trying to analyze a problem with Sniffer Pro? Any input on things to look for when looking at a Sniffer trace? Any info is appreciated.
 
The question may be too general for anyone to help.

Can you list the top 5 situations that cause you grief and that you would like to troubleshoot?

That may help folks give specific tips.

My 2 cents,
MP.
 
I agree with MP.
Teaching Sniffer courses for several years, and doing a lot of troubleshooting at customers, has taught me that there is no kind of "general approach" to troubleshooting a network (unless you think the term "from the bottom up" is an approach).

A good thing to do, if you have the possibility, is to create your own set of trace files, during live activity or, even better, in a lab environment. If you know what you did on the network and you have a trace from that, it is easier to link the pieces together. That is where you learn a lot. A simple example is to boot up a workstation in a domain environment and let a user log in. Analyze this trace keeping in mind the things the user did.

For example, taking ALL the Sniffer courses will give you the basic knowledge about protocols and topologies. The rest you have to learn in the real world using your Sniffer and all sources of information you can get your hands on.
regards,
Robert




Robert Wullems
Network Specialist
SCP/SCE/SCM/CNX/MCP/MCSA/Network+
***************************************
If you can Sniff it, you can solve it!
***************************************
 
jacob200,

IMHO, troubleshooting is more of an art than a science.

Step 0 is to always have an understanding of how things are supposed to work. This involves knowing how to use the tools you have on hand and knowing what traffic normally looks like on your network. There is nothing worse than trying to figure out how to make a tool do what you want when "all sweat pumps are on-line!" :)

But after that, how any technician approaches a problem is more of a matter of style than proper procedure.

For example, my particular style I call the "bulldog" method.

Whenever there is a supposedly "network" problem, everybody's problem now seems to be caused by the network. I call it the "tar-baby effect." Every little problem now seems to be caused by the network and the network gets stuck with even local printer problems. So I usually have many more symptoms to sift through, most of which are not directly related to the real problem.

So, I like to find one network-specific symptom (e.g. this user can't browse the domain) and troubleshoot that one symptom. I'll grab onto that symptom like a bulldog and troubleshoot just that symptom until I find its root-cause.

The fix for that solution may resolve a lot of other symptoms. If there are residual symptoms after the first is cured, I'll grab the next most likely symptom and bulldog it until I find its root-cause. Repeat as necessary...

My $0.02, YMMV!
Patrick

Patrick Bartkus, CCNP, CNX, SCM, RHCT Sr. Network Engineer
GA Dept of Labor IT Network Services
If truth were not absolute, how could there be justice?
 
Go to my website -> Past Presentations-> Shakin Your Network To Bits II, Shakin Your Network To Bits I or My 1 hour presentation from the GTEC Show in Ottawa with Fluke Networks.

I've tried to document some of the basic issues I've seen and other tidbits. Let me know if it helps.

Cheers

'Making things work better; bit by bit.'
 
Fortunat -

Nice job on the new slides for Ethereal. I am working on something much like what you did but in a Flash version. Have you played with Packetyzer? It's Ethereal and a very clean overlay, looks a lot like EtherPeek and I'm told that the guy was hired by WildPackets.

MikeS


Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
 
Hi jacob200,

Hands-on work and analyzing real-world problems are the best way to learn all the details of the Sniffer Pro application.

Highly recommended: Don't trust Sniffer Pro only! Use your mind and every piece of information you can get. Don't trust your customer. Make your own picture of the network with all the tools you can get. Ping, netstat, telnet, finger, ... with advanced options are also useful.

When you analyze a problem and you have the chance to use different analyzers like Ethereal, Win Sniffer, Sniffer Pro, Shomiti, Observer, DO IT.

After doing a lot of troubleshooting you have a library with sample capture files.

My $0.02,


Werner Fischer
SCM / CCNP / MCSA
look at the frames - bit for bit
 