In this week’s “tips and tricks” blog, I’ll discuss issues that arise at the interface level and can cause security and performance problems. Network automation can help you troubleshoot interface problems more effectively. You can instantly create a Dynamic Network Map to target the problem interfaces, then drill down with automation to diagnose the connectivity, performance, and configuration of each interface.
The first step to troubleshooting any network issue is to identify the area of the network that is experiencing or causing problems. A network map is the best visual asset to help you identify and understand the symptomatic interfaces. NetBrain provides several ways to create or open a targeted map on-demand. For example, you can start by mapping the relevant switch group.
You can dynamically extend the devices that are viewable on the map by clicking on a device that has a ‘+’ sign (indicating the device has neighbors not currently displayed).
NetBrain Qapps provides a way for you to collect data from the network without having to log into a bunch of switches serially and type in a string of show commands. NetBrain has several built-in apps that can automate interface diagnoses. Most importantly, you can easily write your own apps to automate much more. These apps run directly from the map and leverage the map as the ‘canvas’ for your targeted data analysis.
Recommended App: Highlight VLANs
Sometimes devices in the same VLAN can’t reach one another. One possible cause is that the interfaces aren’t assigned to the proper VLAN. To verify that interface assignments were configured properly, you can run the Highlight VLAN app. This will help ensure that both sides of the link are configured properly. This app is also helpful for verifying that the proper VLANs are allowed on each trunk port.
Recommended App: Overall Health Monitor
It’s a good idea to identify if any interfaces are down or flapping (up/down). The Overall Health Monitor will perform a continuous SNMP scan of the network to determine interface status and link performance (delay, errors, and utilization) to alert you to interfaces that have connectivity issues. This app will continuously monitor and plot the status of each interface as long as it’s running. If an interface goes down, or a link gets clogged up, you can be alerted automatically.
Recommended App: Check Interface Errors
If the link is experiencing degraded performance, it could be due to a physical (layer-1) problem. The most effective way to discover physical layer problems is to look at the output of the show interfaces command (for Cisco switches). There are various errors you may look for which may hint at a bad cable or interface configuration issue:
By running the Check Interface Errors app, you can immediately determine whether these errors exist on any link on the map, and (more importantly) whether or not the errors are increasing.
Recommended App: Detect Speed/Duplex Mismatch
Another common cause of degraded link performance is a duplex mismatch. Duplex mismatches usually won’t bring a link down, but they will result in suboptimal performance. You would suspect a duplex mismatch if you saw collisions on a full-duplex link (by running the Check Interface Errors app) because a full-duplex link should never have collisions.
Cisco switches use Ethernet auto-negotiation by default to determine the speed and duplex setting. However, a duplex mismatch might be caused by hard-coding one side of the link to full duplex while leaving the other side to auto-negotiate. To determine whether any such hard-coding mistakes have been configured on the network, you can run the Detect Speed/Duplex Mismatch app.
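The error and duplex checks described above can also be scripted against saved show interfaces output. The following is an added example, not NetBrain's Qapp code: it parses two polls of both ends of one link, flags a duplex mismatch, collisions on a link with a full-duplex end, and any counter that is increasing. The device names SW1 and SW2 and the sample text are constructed; the counter names follow Cisco IOS show interfaces output.

```python
import re

HEADER = re.compile(r"^(\S+) is .*line protocol is", re.M)
DUPLEX = re.compile(r"^\s*(Full|Half|Auto)-duplex", re.M)
COUNTER = re.compile(r"(\d+) (input errors|CRC|output errors|collisions)")

def sample(duplex, crc, collisions):
    """Constructed text in the style of Cisco IOS 'show interfaces' (not real device output)."""
    return ("GigabitEthernet0/1 is up, line protocol is up (connected)\n"
            f"  {duplex}-duplex, 100Mb/s, media type is 10/100/1000BaseTX\n"
            f"     {crc} input errors, {crc} CRC, 0 frame, 0 overrun, 0 ignored\n"
            f"     0 output errors, {collisions} collisions, 1 interface resets\n")

def parse(text):
    """Return {interface: {"duplex": ..., counter name: int}} for every interface in text."""
    parts = HEADER.split(text)  # ['', name1, body1, name2, body2, ...]
    result = {}
    for name, body in zip(parts[1::2], parts[2::2]):
        m = DUPLEX.search(body)
        entry = {"duplex": m.group(1).lower() if m else "unknown"}
        entry.update({key: int(val) for val, key in COUNTER.findall(body)})
        result[name] = entry
    return result

def check_link(ends, before, after):
    """ends: two (device, interface) pairs; before/after: {device: parse(...)} from two polls."""
    new = [after[dev][intf] for dev, intf in ends]
    old = [before[dev][intf] for dev, intf in ends]
    found = []
    if new[0]["duplex"] != new[1]["duplex"]:
        found.append(f"duplex mismatch: {new[0]['duplex']} vs {new[1]['duplex']}")
    # The page's heuristic: a link running full duplex should never count collisions.
    if "full" in (n["duplex"] for n in new) and any(n.get("collisions", 0) for n in new):
        found.append("collisions on a link with a full-duplex end")
    for (dev, intf), o, n in zip(ends, old, new):
        for name in sorted(k for k in n if k != "duplex" and n[k] > o.get(k, 0)):
            found.append(f"{dev} {intf}: {name} increasing ({o.get(name, 0)} -> {n[name]})")
    return found

LINK = (("SW1", "GigabitEthernet0/1"), ("SW2", "GigabitEthernet0/1"))
BEFORE = {"SW1": parse(sample("Full", 40, 0)), "SW2": parse(sample("Half", 0, 15))}
AFTER = {"SW1": parse(sample("Full", 95, 0)), "SW2": parse(sample("Half", 0, 60))}

if __name__ == "__main__":
    for line in check_link(LINK, BEFORE, AFTER):
        print(line)
```

Comparing two polls rather than reading one is what separates an old, static error count from a fault that is still active.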