-
Notifications
You must be signed in to change notification settings - Fork 91
/
14. Troubleshoot and future of Networking
100 lines (87 loc) · 5.39 KB
/
14. Troubleshoot and future of Networking
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
* Troubleshoot
----------------
-> Error-detection - The ability for a protocol or a program to determine that something is wrong.
-> Error-recovery - The ability for a protocol or a program to attempt to fix it.
ICMP (Internet Control Message Protocol) Ping :
-------------------------------------------------
- It is used to communicate any issues faced while connecting or transfer od data.
- Mostly used by routers or remote hosts to communicate why transmission has failed back to the transmitter;
- ICMP consists of
1. Header - few fields and a data-section - that can be used by the host to figure out which of their transmission generated the error.
a. Type (8 bits) - specifies the type of messgae being delivered - destination unreachable, time exceeded;
b. Code (8 bits) - Indicates a more specific reason; destination uinreachable (network, port unreachable);
c. Checksum (16 bit) - Compare the value to check if the data is not corrupted;
d. Rest of the header (32 bit) - optional - to send more infor - type / code;
2. Data payload for the ICMP packet - enables the recipient of the messgae to know which of the transmissions caused the error being reported; (It contains the IP header and the first 8 bytes of data payload section of the offending packet);
Ping -> Tool to useful to detect network issues;
- It lets you send a special type of ICMP message called an Echo Request.
- The Echo Request justs checks if the destination exists;
- If the destination is up and running and able to communicate on the network, it'll send back an ICMP Echo Reply message type;
In the comand line -> ping 8.8.8.8 -> ping <destination ip/ domain name>
-------------------------------------------------------------------------------------------------------------------------------------------
* Traceroute
-------------
- A utility that lets you discover the path between two nodes, and gives you information about each hop along the way;
- It works by the manipulation of the TTL field at the IP level;
- For each hop, traceoute sends three identical packets
- linux and Mac - traceroute google.com (sends UDP packets to very high port numbers)
- windows - tracert google.com (displays the ICMP Echo Requests)
Similar tool:
- mtr - Linux/MacOS (realtime);
- pathping - Windows (runs for 50s, and then displays all the aggregate data all at once);
---------------------------------------------------------------------------------------------------------------------------------------
* Testing Port Connectivity
----------------------------
- To test connectivity at the transport layer
- netcat - Linux/MacOS -> nc <host> <port> -> 2 arguments -> nc google.com 80 - tries to establish connection to google.com on port 80;
nc -z -v google.com 80;
- Test-NetConnection - Windows
Test-NetConnection google.com -> use an ICMP echo request;
---------------------------------------------------------------------------------------------------------------------------------------
* Name Resolution Tools
-------------------------
- nslookup <hostname> -> output - server used to perform the request and resolution result;
In order to identify the IP address of twitter.com
nslookup twitter.com
Output -> A record
Server
Address
Non-authoritative answer:
Name
Address
Name Address
Can start an interative session on nslookup by just typing : nslookup
> google.com
> server 8.8.8.8
> set type=MX
> google.com
> set debug (allows the tool to display the full response of the packets - including intermediary and all their contents(TTL - Zone Files).)
---------------------------------------------------------------------------------------------------------------------------------------
* Public DNS Servers
----------------------
-> An ISP always gives access to a recursive name server as part of the service it provides;
-> Public DNS Servers - Name servers specifically set up so that anyone can use them for free;
-> It can used to resolve name resolutions;
-> Level 3 communications - ISPs - 4.4.4.1 - 4.4.4.6;
-> Google public name servers - Ips 8.8.8.8 , 8.8.4.4;
Most public DNS servers are available to be used through anycast (A technique that is used to route traffic to different destination depending on factors like location, congestion, or link health;);
---------------------------------------------------------------------------------------------------------------------------------------
* Registrars
-------------
Organizations responsible for assigning individual domain names to other organizations or individuals;
- Network Solutions Inc;
- Hundreds of comnpanies
- Expire;
---------------------------------------------------------------------------------------------------------------------------------------
* Host Files
-------------
- prior to DNS;
- Original way that numbered network addresses were correlated with words was through host files;
- Host File - Flat file that contains on each line a network address followed by the host name it can be referred to as;
- 1.2.3.4 webserver (1.2.3.4 <-> webserver)
- Evaluated by the networking stack of the OS;
* Lookback addres -> always points to itself / sending traffic to itself;
- IPV4 - 127.0.0.1 localhost
- IPV6 - ::1 localhost
- Host files -> viruses to disrupt and redirect users traffic;
---------------------------------------------------------------------------------------------------------------------------------------