Troubleshooting Tools
[!NOTE] This module explores the core principles of Troubleshooting Tools, deriving solutions from first principles and hardware constraints to build world-class, production-ready expertise.
1. Troubleshooting Methodology
When a network goes down, don’t guess. Work through the OSI model systematically, using one of three approaches:
- Bottom-Up: Start at the Physical layer (Is it plugged in?).
- Top-Down: Start at the Application layer (Does the website load?).
- Divide and Conquer: Start in the middle, at the Network layer (Can I ping the gateway?), then move up or down the stack depending on the result.
2. The Network Engineer’s Toolkit
Connectivity (ICMP)
- ping: Tests basic reachability and RTT.
- traceroute (or tracert on Windows): Shows every hop to the destination. Useful for finding exactly where a path is failing.
Addressing & Routing
- ip addr / ifconfig: Shows your local IP and interface state.
- ip route / netstat -rn: Shows the local routing table.
DNS
- nslookup: Simple name-to-IP lookup.
- dig (Domain Information Groper): Detailed DNS information (A, MX, TXT records).
Connections & Sockets
- netstat / ss: Shows all active TCP/UDP connections and listening ports.
- curl -v: Performs an HTTP request and shows the headers. (Essential for web debugging.)
Deep Packet Inspection (Sniffing)
- tcpdump: A CLI tool to capture packets on the wire.
- Wireshark: A GUI tool for analyzing previously captured packets. You can “Follow TCP Stream” to see exactly what data was sent.
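The divide-and-conquer method from section 1, combined with the tools listed above, as an added example (not part of the original module): a shell function that starts at the gateway ping and moves down or up the stack. It assumes Linux (iproute2, iputils ping); TARGET_NAME, TARGET_IP and the verdict words are illustrative choices.

```shell
#!/bin/sh
# Added example: divide-and-conquer triage using the toolkit commands.
# Each probe returns 0 on success. Target values below are assumptions.
TARGET_NAME="${TARGET_NAME:-example.com}"  # assumed hostname to test
TARGET_IP="${TARGET_IP:-8.8.8.8}"          # known-good public IP

# Physical/link: any non-loopback interface with carrier (LOWER_UP)?
probe_link() {
    ip -o link show up 2>/dev/null | grep -v ' lo:' | grep -q 'LOWER_UP'
}
# Network (local): is there a default route, and does the gateway answer?
probe_gateway() {
    gw=$(ip route show default 2>/dev/null | awk '/^default/ {print $3; exit}')
    [ -n "$gw" ] && ping -c 2 -W 2 "$gw" >/dev/null 2>&1
}
# Network (remote): can we reach an address beyond the gateway?
probe_remote_ip() { ping -c 2 -W 2 "$TARGET_IP" >/dev/null 2>&1; }
# DNS: does the name resolve to at least one A record?
probe_dns() {
    [ -n "$(dig +short +time=2 +tries=1 "$TARGET_NAME" A 2>/dev/null)" ]
}
# Application: does an HTTPS request complete without an HTTP error?
probe_http() { curl -sf -o /dev/null --max-time 5 "https://$TARGET_NAME/"; }

# Start in the middle. A failed gateway ping sends us down the stack,
# a successful one sends us up. Prints the layer to investigate next.
# Caveat: devices that drop ICMP make ping fail on a healthy path, so
# treat "addressing" and "routing" as where to look, not as proof.
diagnose() {
    if ! probe_gateway; then
        if probe_link; then echo "addressing"; else echo "physical"; fi
        return 1
    fi
    if ! probe_remote_ip; then echo "routing"; return 1; fi
    if ! probe_dns; then echo "dns"; return 1; fi
    if ! probe_http; then echo "application"; return 1; fi
    echo "ok"
}

# Run the real probes only when asked: sh triage.sh --run
if [ "${1:-}" = "--run" ]; then diagnose; fi
```

A verdict names the first probe that failed, so "dns" means the gateway and the remote IP both answered but the name did not resolve.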
3. Interactive: Tool Selection
Which tool would you use for these symptoms?
"I can't reach google.com, but I CAN reach 8.8.8.8"
"The server is slow. I want to check for packet loss."
"I need to see the exact bytes in the TLS handshake."
4. Common Issues and Fixes
- IP Conflict: Two devices have the same IP. (Usually fixed by DHCP).
- Broken Pipe: Path exists but a firewall is blocking the specific port. (Check curl -v).
- DNS Poisoning: An attacker is sending false DNS records. (Verify with dig).
- Duplex Mismatch: One side is half-duplex and the other is full. (Causes high error counts and collisions).