Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
The botnet world is booming
What’s driving this university to IPv6? Going green
How ending exclusivity agreements would change the telecom industry
How to use electrical outlets and cheap lasers to steal data
EMC distances rival NetApp
Crime lab saves energy costs by turning up heat in the data center
IBM security software masks confidential info
Google Native Client provides hints on Chrome OS gambit
Ericsson signs deal to run Sprint wireless, wireline networks
Verizon helping companies assess application vulnerabilities
Internet's biggest issue? IPv6 transition, new ARIN CEO says
Gmail, other Google apps, out of beta
Microsoft may have known about critical IE bug for months
Symantec de-duplication strategy targets data growth, virtual machines
Windows 7 ramp-up will be sharp
LANs /

TCP/IP essentials

No network professional should be without these 10 TCP/IP troubleshooting tools and utilities.

Related linksToday's breaking news
Send to a friendFeedback

By Laura Chappell
Network World, 01/10/2000

While there are plenty of specialized network management applications to help identify and fix problems, less than a dozen of them are absolutely essential for troubleshooting. These are the tools you'll use the most, so make sure your toolkit is equipped with these 10 basic necessities for effective, efficient network management.

1. Ping. Ping tests end-to-end connectivity by sending an Internet Control Message Protocol packet to see if a node or device is online and responding. One of the first steps in troubleshooting a network is to use the generic IP loopback address 'ping 127.0.0.1' to test the local device.

You can also use ping to test the maximum transmission unit - the maximum amount of data that can be carried in each packet end-to-end. Moreover, you might use ping to determine the round-trip time in milliseconds to another device on the network.

However, any tools that generate a lot of traffic through your ISP's routers will probably trigger an alarm. If your traffic increases CPU usage or saturates a link to the Internet, your ISP may investigate and limit your activities.

2. Traceroute. Traceroute builds on the functionality of ping by evaluating the hops along a path and calculating the time it takes a packet to travel from one router to the next.

For example, say you ping a remote device but it takes a long time to receive a response. To learn where the delay is occurring, use traceroute to examine the round-trip time to each of the routers along the path.

3. Protocol analyzer/network analyzer. A protocol analyzer (sometimes called a network analyzer) is an absolute necessity for understanding what your network is doing. Analyzers capture all packets, or specific packets defined in a filter, into a trace buffer. The analyzer decodes the packets to give you a readable definition of the contents. Some more advanced analyzers, such as Network Associates' Sniffer Pro, can also interpret the communications patterns to provide alarms and troubleshooting recommendations.

AG Group's EtherPeek is another popular analyzer, and Windows NT comes with a no-frills analyzer called Network Monitor. EtherPeek and Network Associates' Sniffer Basic cost less than $1,500, whereas Sniffer Pro and other more advanced analyzers cost closer to $10,000.

4. Port scanner. Port scanning can tell you what services are available on a remote device.

Just as using ping could get you into trouble, your ISP or the targeted system may construe port scanning or port probing as a hostile action or intrusion. Moreover, port scanning may violate your ISP usage agreement.

5. Nslookup/DIG. Basic nslookup utilities make queries to Domain Name System (DNS) servers. An nslookup query will ask the default DNS server for host name-to-IP address resolutions. Domain Internet Grouper (DIG) is similar to nslookup, but provides a more detailed reply from the DNS server. For example, a simple nslookup reply for www.internal.net analysis.org returns the following information:

Translated name:server.netanalysis.com
IP address:10.23.4.99
Alias:www.internal.netanalysis.org
DIG returns the information above plus the following:
Name servers:AUTH00.NS.INT.NET
IP address: 10.23.66.1
AUTH01.NS.INT.NET
IP address: 10.23.77.1
6. ARP. Address Resolution Protocol keeps track of IP addresses and their corresponding physical network addresses. You can read ARP tables to identify the hardware address that is being used to send packets.

7. Route. Route is a utility that lets you read and manipulate IP routing tables on a local device. The tables determine the next hop along a path to a host or network. These tables also contain the default gateway entry if one exists.

8. SNMP tools. SNMP management tools provide a way to gather and display Management Information Base (MIB) data extracted from devices that support SNMP agents. You can track SNMP devices via an alarming/alerting system that notifies the SNMP manager when a user-defined threshold has been exceeded. However, one of the main obstacles to implementing an SNMP management system is the lack of a true cross-platform product.

9. Cable tester. You need a cable tester to precisely test and troubleshoot network wiring. Tools such as Microtest's OmniScanner often come configured with an entire set of tests to evaluate cable integrity and interference. Cable testers can report total cable lengths, pass/marginal/fail test results, near-end crosstalk, attenuation, impedance and more.

Some cable-tester manufacturers define their tools as network analyzers. Although these devices may provide some information about the packet types crossing the wire, such as broadcasts, they are no substitute for true network analyzers that display packet contents.

10. Combination tools and miscellaneous utilities. There are several indispensable combination troubleshooting tools, including NetScanTools Pro 2000 and the AG Group's NetTools. Each provides a group of utilities that let you port scan, ping, trace route and perform nslookup, saving hours of troubleshooting time. Of the two, NetTools is less expensive and offers a subset of the tools included in NetScanTools Pro 2000.

You may also want to consider other utilities that provide basic configuration and connection information, such as Windows WINIPCFG, IPCONFIG and netstat. An IP address calculator is another handy tool to have around, and you may even be able to find a freeware version on the Internet.

Having the right tools makes the job of troubleshooting TCP/IP networks less painful and less mysterious.

Related links

Chappell is a senior protocol analyst with Network Analysis Institute, a network analysis, research and training firm in Saratoga, Calif. She can be reached at lchappell@ netanalysis.org.

The inner workings of traceroute
Network World, 7/12/99.

More on ping and traceroute
Network World Fusion Focus on Groupware and Messaging, 07/14/99. A Primer On Internet and TCP/IP Tools
IETF overview of nslookup, ping, finger, traceroute and other Internet utilities.

ARP specifications
IETF RFC 826.

ICMP specifications
IETF RFC 792.

SNMP specifications
IETF RFC 1157.

Network World Fusion Focus on Network and Systems Management
Archive of our free, twice-weekly newsletter.

Product info: EtherPeek and AGNet Tools
NetScanTools Pro 2000
OmniScanner
IP subnet calculator

Web-based utilities:

nslookup I
nslookup II

RELATED LINKS

Chappell is a senior protocol analyst with Network Analysis Institute, a network analysis, research and training firm in Saratoga, Calif. She can be reached at lchappell@ netanalysis.org.

Trace files
Analyzer files for a variety of tools. From the Network Analysis Institute.

The inner workings of traceroute
Network World, 7/12/99.

More on ping and traceroute
Network World Fusion Focus on Groupware and Messaging, 07/14/99. A Primer On Internet and TCP/IP Tools
IETF overview of nslookup, ping, finger, traceroute and other Internet utilities.

ARP specifications
IETF RFC 826.

ICMP specifications
IETF RFC 792.

SNMP specifications
IETF RFC 1157.

Network World Fusion Focus on Network and Systems Management
Archive of our free, twice-weekly newsletter.

Product info: Sniffer
EtherPeek and AGNet Tools
NetScanTools Pro 2000
OmniScanner
IP subnet calculator

Web-based utilities:

nslookup I
nslookup II


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.