Troubleshooting Basics

Systematic Troubleshooting Methodology

  • Always follow a structured approach - random troubleshooting wastes time and can create additional problems
  • Use the OSI model as your roadmap (Physical → Data Link → Network → Transport → Session → Presentation → Application)
  • Bottom-up approach: Start at Physical Layer 1 and work upward (most common method)
  • Top-down approach: Start at Application Layer 7 and work downward (useful when application-specific issues are suspected)
  • Divide-and-conquer: Start at middle layers (Network Layer 3) and narrow down based on results

Physical Layer (Layer 1) Troubleshooting

  • Check cable connectivity first - loose connections cause 60% of network issues
  • Verify power status on all devices (routers, switches, access points)
  • Look for physical damage: bent pins, damaged cables, improper seating
  • Use show interfaces to check interface status and statistics
    • UP/UP = interface and line protocol both operational
    • DOWN/DOWN = physical connectivity issue
    • UP/DOWN = physical connection exists but Layer 2 protocol failing
  • Check for frame errors, collisions, and CRC errors using show interfaces
  • Verify VLAN configuration matches on both ends
  • Confirm duplex and speed settings are compatible
    • Auto-negotiation failures often cause duplex mismatches
    • Hard-code both ends if auto-negotiation fails
  • For wireless: verify SSID, security settings, and signal strength

Common Troubleshooting Commands

Command Purpose Key Information
ping Test Layer 3 connectivity RTT, packet loss percentage
traceroute Identify path and failure point Hop-by-hop latency, * indicates timeout
show ip route Verify routing table Routes, next-hop, administrative distance
show interfaces Check interface status Up/down status, errors, utilization
show arp Verify Layer 2 to Layer 3 mapping MAC-to-IP associations
nslookup/dig Test DNS resolution Forward/reverse lookups

Network Layer (Layer 3) Troubleshooting

  • Ping testing sequence: Self → Default gateway → Remote host → DNS server
  • Verify IP configuration: address, subnet mask, default gateway, DNS
  • Check routing tables for proper routes to destination networks
  • Confirm subnet masks match between devices on same network
  • For DHCP issues: verify DHCP server availability and scope configuration

Transport Layer (Layer 4) Troubleshooting

  • Use telnet <ip> <port> to test specific TCP port connectivity
  • Check for firewall or ACL blocking - Layer 4 connectivity exists but specific services fail
  • Verify service is running on destination (HTTP on port 80, HTTPS on port 443, etc.)
  • For UDP services: use application-specific tools (DNS lookups, TFTP transfers)

Vocabulary

Administrative Distance (AD): Trustworthiness rating of routing information source (lower = more trusted) CRC Error: Cyclic Redundancy Check failure indicating corrupted frames at Layer 2 Duplex Mismatch: One device set to full-duplex, other to half-duplex causing collisions Late Collision: Collision occurring after 64 bytes transmitted (usually cable length issue) MTU: Maximum Transmission Unit - largest frame size allowed on network segment RTT: Round Trip Time - time for packet to reach destination and return

Troubleshooting Common Scenarios

Cannot Access Internet

  1. Ping default gateway (tests local network connectivity)
  2. Ping external IP like 8.8.8.8 (bypasses DNS issues)
  3. Ping external hostname like google.com (tests DNS resolution)
  4. Check NAT configuration on edge router

Intermittent Connectivity

  • Often indicates physical layer issues (loose cables, failing hardware)
  • Check interface error counters with show interfaces
  • Monitor over time - pattern may indicate specific cause
  • Verify power supply stability and environmental factors

Slow Network Performance

  • Check interface utilization and error rates
  • Verify no duplex mismatches (causes 50% throughput loss)
  • Test with different packet sizes to identify MTU issues
  • Examine QoS configuration if implemented

Notes

  • Document everything during troubleshooting - symptoms, tests performed, results
  • Always verify the fix actually resolves the original problem
  • Consider impact before making changes - test in maintenance windows when possible
  • Use show running-config to verify configuration matches documentation
  • Remember that one problem can mask another - continue testing after initial fix
  • Keep baseline measurements of normal network performance for comparison
  • For exam purposes: know the systematic approach and which commands test each layer
  • Layer 1 issues are most common but Layer 3 configuration errors are close second