Summary 809 The no debug all command and undebug all command turn off all diagnostic output. To disable a particular debug command, use the no form of the command. For example, if debug for monitoring RIP was enabled with the command debug ip rip, it can be disabled with no debug ip rip. To view what is currently being examined by a debug command, use show debugging. Summary In this chapter, you learned the following: ■ Network testing should be utilized to keep a network running smoothly and efficiently. It should be tested layer by layer. ■ You should use a structured approach to troubleshooting. ■ ping and telnet are two commands that are helpful in troubleshooting network problems. ■ The traceroute command can be used to determine the status of links between routers ■ The different show commands help to confirm Layer 1 and Layer 2 problems. ■ The show ip route and show ip protocol commands help to identify routing issues. ■ Basic debug commands help to discover information about router activity. To supplement all that you’ve learned in this chapter, refer to the chapter-specific Videos, PhotoZooms, and e-Lab Activities on the CD-ROM accompanying this book. Lab Activity Troubleshooting Routing Issues with debug In this lab, you use a systematic OSI troubleshooting process and various show commands to gather information to diagnose routing problems. You then use various debug commands to assist in troubleshooting. chpt_18.fm Page 809 Tuesday, May 27, 2003 2:19 PM 810 Chapter 18: Basic Router Troubleshooting Key Terms keepalive Message sent by one network device to inform another network device that the virtual circuit between the two is still active. network interface card (NIC) Board that provides network communication capabili- ties to and from a computer system. ping Packet Internet groper. ICMP echo message and its reply. Used in IP networks to test the reachability of a network device. Telnet Standard terminal-emulation protocol in the TCP/IP protocol suite. Telnet is used for remote terminal connection, enabling users to log in to remote systems and use resources as if they were connected to a local system. traceroute Program available on many systems that traces the path that a packet takes to a destination. It is used mostly to debug routing problems between hosts. Check Your Understanding Complete all the review questions to test your understanding of the topics and con- cepts in this chapter. Answers are listed in Appendix C, “Check Your Understanding Answer Key.” 1. When a technician performs basic testing of a network, which of the following is true? A. The technician should proceed in sequence from one OSI reference model layer to the next. B. The technician should proceed with any desired OSI layer. C. The technician should proceed with the management level. D. The technician should test for OSI reference model layer issues in a random fashion. 2. What approach should a technician start with when he/she troubleshoots a network? A. The technician should start with a structured approach. B. The technician should start with an approach of his choice. C. The technician should start with any approach. D. The technician should start with a hit-and-miss approach. 1102.book Page 810 Tuesday, May 20, 2003 2:53 PM Check Your Understanding 811 3. When a technician troubleshoots a problem on a network? A. Begin with Layer 1 B. Begin with Layer 2 C. Begin with Layer 3 D. Begin with Layer 4 4. If a technician wants to test network connectivity, which basic command should be used? A. telnet B. ping C. debug D. traceroute 5. When a network administrator wants to verify the application layer software between source and destination stations, which of the following commands should be used? A. ping B. telnet C. debug D. traceroute 6. You suspect that one of the routers connected to your network is sending bad routing information. What command can you use to check? A. router(config)# show ip route B. router# show ip route C. router> show ip protocol D. router(config-router)# show ip protocol 7. Why would you display the IP routing table? A. To set the router update schedule B. To identify destination network addresses and next-hop pairs C. To trace where datagrams are coming from D. To set the parameters and filters for the router 1102.book Page 811 Tuesday, May 20, 2003 2:53 PM 812 Chapter 18: Basic Router Troubleshooting 8. If you wanted to see RIP routing updates as they are sent and received, what command structure would you use? A. router# show ip rip B. router# debug ip protocols C. router# debug ip rip D. router# show ip rip update 9. The dynamic output of the debug command comes at a performance cost, which produces processor overhead? A. High B. Low C. Medium D. Maximum 10. By default, the router sends the debug output and system messages to what? A. The console B. The switch C. The PC D. The user 11. The telnet command provides what type of terminal? A. Register B. Virtual C. Cisco IOS Software D. Command 12. ICMP stands for what? A. Internet Control Message Parameter B. Internal Control Message Protocol C. Internet Control Message Protocol D. Internet Control Message Performance 1102.book Page 812 Tuesday, May 20, 2003 2:53 PM Check Your Understanding 813 13. Most interfaces or NICs have what type of lights that show whether there is a valid connection? A. Indicator B. Catalyst C. Responsive D. Inactive 14. Telnet is used at what layer of the OSI reference model? A. Layer 1 B. Layer 5 C. Layer 6 D. Layer 7 15. If the routing protocol is not enabled or the IP address cannot be determined, at which layer of the OSI model should an administrator begin to look? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4 1102.book Page 813 Tuesday, May 20, 2003 2:53 PM Objectives Upon completion of this chapter, you will be able to ■ Describe TCP and its functions ■ Describe TCP synchronization and flow control ■ Describe User Datagram Protocol (UDP) operation and processes ■ Identify common port numbers ■ Describe multiple conversations between hosts ■ Identify ports used for services and clients ■ Describe port numbering and well-known ports ■ Compare MAC addresses, IP addresses, and port numbers 1102.book Page 814 Tuesday, May 20, 2003 2:53 PM Chapter 19 Intermediate TCP In this chapter, you learn about TCP/IP operation to ensure communication across any set of interconnected networks. In addition, you learn about the TCP/IP protocol stack components, such as protocols to support file transfer, e-mail, remote login, and other applications. You learn about reliable and unreliable transport layer protocols and about connectionless datagram (packet) delivery at the network layer. Finally, you learn how ARP and RARP work. Please be sure to look at the e-Labs, Videos, and PhotoZooms associated with this chap- ter that you will find on the CD-ROM accompanying this book. These CD elements are designed to supplement the material and reinforce the concepts introduced in this chapter. The TCP/IP Protocol Suite The TCP/IP suite of protocols was developed as part of the research done by the Defense Advanced Research Projects Agency (DARPA). It was originally developed to provide communication within DARPA. Later, TCP/IP was included with the Berkeley Software Distribution of UNIX. Now, TCP/IP is the de facto standard for internetwork communi- cations and serves as the transport protocol stack for the Internet, enabling millions of computers to communicate globally. This chapter focuses on TCP/IP for several reasons: ■ TCP/IP is a universally available protocol that you likely use at work. ■ TCP/IP is a useful reference for understanding other protocols because it includes elements that are representative of other protocols. ■ TCP/IP is important because the router uses it as a configuration tool. The function of the TCP/IP protocol stack is to transfer information from one network device to another. In doing so, it closely maps the OSI reference model in the lower layers and supports all standard physical and data link protocols (see Figure 19-1). 1102.book Page 815 Tuesday, May 20, 2003 2:53 PM 816 Chapter 19: Intermediate TCP Figure 19-1 Four Layer Model of TCP/IP The OSI layers most closely related to TCP/IP are Layer 7 (application layer), Layer 4 (transport layer), and Layer 3 (network layer). Included in these layers are various types of protocols with a variety of purposes/functions, all of which are related to the transfer of information. The TCP/IP layers map quite well to the OSI model: TCP (at the transport or host-to-host layer) maps to the OSI transport layer, and the Internet layer maps to the OSI network layer. TCP/IP enables communication among any set of interconnected networks and is equally well suited for both LAN and WAN communication. TCP/IP includes not only Layer 3 and 4 specifications (such as IP and TCP), but also specifications to support such common applications as e-mail, remote login, terminal emulation, and file transfer. TCP/IP Protocol Stack and the Application Layer The application layer of the TCP/IP or Internet protocols combines the functionality found in the OSI session, presentation, and application layers. TCP/IP has protocols to support file transfer, e-mail, and remote login, including the following (see Figure 19-2): ■ Domain Name System (DNS) is a system used on the Internet for translating names of domains and their publicly advertised network nodes into IP addresses. This translation is considered to be transport layer functionality because it pro- vides services to the layer above (application layer) and receives services from the layer below (Internetwork layer). ■ Windows Internet Naming Service (WINS) is a Microsoft-developed standard for Microsoft Windows NT that automatically associates NT workstations with Internet domain names. Ethernet, 802.3, 802.5, FDDI, And So On Application Presentation Session Transport Network Data Link Physical 7 6 5 4 3 2 1 OSI Reference Model Transport Internet Network Interface TCP/IP Conceptual Layers Application 1102.book Page 816 Tuesday, May 20, 2003 2:53 PM The TCP/IP Protocol Suite 817 ■ HOSTS is a file created by network administrators and maintained on servers. The file is used to provide static mappings between IP addresses and computer names. ■ Post Office Protocol (POP3) is an Internet standard for storing e-mail on a mail server until you can access it and download it to your computer. It enables users to receive mail from their inboxes using various levels of security. ■ Simple Mail Transfer Protocol (SMTP) governs the transmission of e-mail over computer networks. It does not provide support for transmission of data other than plain text. ■ Simple Network Management Protocol (SNMP) is a protocol that provides a means to monitor and control network devices and to manage configurations, statistics collection, performance, and security. ■ File Transfer Protocol (FTP) is a reliable, connection-oriented service that uses TCP to transfer files between systems that support FTP. It supports bidirectional binary file and ASCII file transfers. ■ Trivial File Transfer Protocol (TFTP) is a connectionless service that uses UDP. TFTP is used on the router to transfer configuration files and IOS images, and to transfer files between systems that support TFTP. It is useful in some LANs because it operates faster than FTP in a stable environment. ■ Hypertext Transfer Protocol (HTTP) is the Internet standard that supports the exchange of information on the World Wide Web as well as on internal net- works. It supports many different file types, including text, graphics, sound, and video. It defines the process by which web browsers originate requests for infor- mation to send to web servers. Figure 19-2 Application Layer Protocols Transport Internet Network Interface Application * Used by the Router File Transfer E-Mail Remote Login Network Management Name Management TFTP FTP NFS SMTP Telnet rlogin SNMP DNS 1102.book Page 817 Tuesday, May 20, 2003 2:53 PM 818 Chapter 19: Intermediate TCP The following list provides an overview of some troubleshooting protocols: ■ Telnet is a standard terminal emulation protocol used by clients to make remote terminal connections to Telnet server services. It enables users to remotely con- nect to routers to enter configuration commands. ■ Packet Internet Groper (ping) determines whether a computer is reachable. ping uses the Internet Control Message Protocol (ICMP) echo request and reply messages. ■ The traceroute program is available on many systems and is similar to ping, except that traceroute provides more information than ping. traceroute traces the path that a packet takes to a destination and is used to debug routing problems. You also need to be familiar with a few Windows-based utilities: ■ NBSTAT—A utility used to troubleshoot NetBIOS name resolution and used to view and remove entries from the name cache. ■ NETSTAT—A utility that provides information about TCP/IP statistics; it can be used to provide information about the status of TCP/IP connections and summa- ries of ICMP, TCP, and UDP. ■ ipconfig/winipcfg—Utilities used to view current network settings for all net- work interface cards (NICs) on a device; they can be used to view the MAC address, IP address, subnet mask, and gateway, as well as DNS and Dynamic Host Configuration Protocol (DHCP) information. TCP/IP Protocol Stack and the Transport Layer This section introduces the Transmission Control Protocol (TCP), a Layer 4 protocol in the TCP/IP suite. TCP is a reliable, connection-oriented protocol that helps ensure reliable data delivery through the use of synchronization, windowing and window size, sequencing numbers, and acknowledgements (ACK). The transport layer enables a user’s device to segment data from several upper-layer applications for placement on the same Layer 4 data stream and enables a receiving device to reassemble the upper-layer application segments. The Layer 4 data stream is a logical connection between the endpoints of a network; it provides transport services from a source host to a destination host. This service is sometimes referred to as an end-to-end service. The transport layer also provides two protocols (see Figure 19-3): ■ TCP—A connection-oriented, reliable protocol that provides flow control by providing sliding windows and offers reliability by providing sequence numbers and acknowledgments. TCP resends anything that is not acknowledged and sup- plies a virtual circuit between end-user applications. The advantage of TCP is that it provides guaranteed delivery of segments. 1102.book Page 818 Tuesday, May 20, 2003 2:53 PM . lower layers and supports all standard physical and data link protocols (see Figure 19 -1) . 11 02. book Page 815 Tuesday, May 20 , 20 03 2: 53 PM 816 Chapter 19 : Intermediate TCP Figure 19 -1 Four Layer. addresses and next-hop pairs C. To trace where datagrams are coming from D. To set the parameters and filters for the router 11 02. book Page 811 Tuesday, May 20 , 20 03 2: 53 PM 8 12 Chapter 18 : Basic. with a hit -and- miss approach. 11 02. book Page 810 Tuesday, May 20 , 20 03 2: 53 PM Check Your Understanding 811 3. When a technician troubleshoots a problem on a network? A. Begin with Layer 1 B. Begin