Menu
homeSocial network

Development of diagnostic methods for home computer networks. Studying system utilities for LAN diagnostics. If a problem appears on the network, the administrator must write a dump of the channel trace into a special buffer or file at the moment it manifests itself and on the OS.

Laboratory work № 15

15.1 The purpose of the work is to acquire practical knowledge and skills in
construction of PC software to ensure functionality
nization as part of a local computer network.

15.2 Theoretical foundations.

ping utility

The ping utility tests a network connection by sending ICMP type 8 (echo request) packets, to which the recipient responds with an ICMP type 0 (echo reply) packet. Using this utility, it is convenient to check the existence of a path to a given node and determine the timing characteristics of this path. The ping utility only needs to specify an IP address or DNS name, but there are a number of parameters that allow you to fine-tune its operation. The ping utility displays the result of each request/response on a separate line, and before shutting down it displays statistics: minimum, maximum and average packet transmission time, number and proportion of lost packets. Actually ping is " workhorse when testing network connections.

The general format for using the utility (as always, the parameters in square brackets are optional): ping [-t] [-a] [-n number] [-l size] [-f] [-i TTL] [-v TOS] [ -r number] [-s number] [[-j Nodelist] | [-k list of Nodes]] [-w timeout] finalName. To receive such a hint, just run ping without parameters; to display the hint in the ping_test.txt file, use ping > ping_test.txt (the same applies to most other utilities).

The "-t" option enables constant check connection before pressing Ctrl+C. When you press Ctrl+Break, the statistically accumulated information is displayed and the work continues (usually this parameter is used to find out as quickly as possible about the presence of a connection with a given node).

The "-a" parameter requires determining the IP address from the host name (not performed by default).

Option "-n"<число>" allows you to set the number of requests (default is four requests).

Option "-l"<число>" allows you to set the packet size (the default packet size is 64 bytes).

The "-f" parameter allows you to set the "do not fragment" flag in requests. Used in combination with the -1 parameter to detect networks with a small frame size, through which IP packets must be fragmented for transmission.

Option "-i"<число>" sets the packet time to live (TTL); by default, ICMP packets have a time to live of 255.

Option "-r<число>" makes it possible to obtain the route along which the request and response were transmitted (show routing). The numeric parameter can be from 1 to 9 and determines maximum amount nodes that will be shown in the route.

Option "-w"<число>" allows you to set the timeout for each packet (in milliseconds), the default is 1"000 milliseconds.

tracert utility

The tracert utility makes it possible to trace the route of packets to a given host and obtain timing characteristics for each intermediate router along this path. This utility, like the previously described ping, sends a series of ICMP type 8 packets, but with different meanings TTL: first, three packets are sent with TTL=1 (the nearest router will respond to these packets with ICMP type 11 packets (transmission timed out), from which its address will be extracted), then with TTL=2 (the second router will respond to these packets) and so on further until the specified node is reached or the TTL value exceeds the threshold. For each TTL, the utility displays one line with the router address (and, possibly, its domain name - if it was resolved) and three values ​​​​of the time it took to transmit the packet. Formal syntax: tracert [-d] [-h maxNumber] [-j Nodelist] [-w interval] name.

The "-d" parameter allows you to (force) not resolve routers' IP addresses into domain names; this allows you to speed up the operation of the utility by canceling calls to the DNS service.

Option "-h<число>" makes it possible to set the threshold to which the TTL will increase (default - 30).

Option "-w"<число>" allows you to set the timeout for each packet (in milliseconds), default is 1"000 milliseconds.

Pathping utility

The pathping utility actually combines the functionality of the ping and tracert utilities and is executed in two phases: first, like tracert, the route to a given node is collected and displayed (only IP addresses and names) and then, like ping, for some time (the longer the trace was performed , the longer this time will be) statistics are collected on packet transmission times, quantities and relative shares of lost packets for each of the intermediate routers (and not just for a given node, like ping).

Formal syntax: pathping [-g List] [-h Number of hops] [-i Address] [-n] [-p Pause] [-q Number of requests] [-w Timeout] [-P] [-R] [-T] [-4] [-6] node

The most useful result of the second phase of the pathping utility is that it clearly shows which router has problems transmitting packets. For Windows there is a powerful visual (shows the movement of packets on a map of the Planet) router VisualRoute from Visu-alWare ( http://visualware.com).

Agr utility

The agr utility makes it possible to view and change the ARP table, which stores “MMAC address - IP address” pairs for those nodes with which data has recently been exchanged. This table is generated automatically during operation network node, but the network administrator can make entries into it manually. The formal syntax is arp -s inet_addr eth_addr or ARP -d inet_addr or ARP -a [-N if_addr]. Here if_addr essentially specifies the interface number.

The "-a" parameter allows you to display the entire ARP table on the screen.

Parameter "-a"<1Р-адрес>" requests that a record about a node with a given address be displayed on the screen.

Option "-S"<1Р-адрес> <МАС-адрес>" allows you to add an entry about a host with specified addresses to the ARP table.

Option "-d<1Р-адрес>" serves to remove an entry about a host with a given address from the ARP table.

The "-d *" option clears the ARP table.

hostname utility

The hostname utility simply displays the hostname. Can be used in script files for batch processing.

ipconfig utility

The ipconfig utility displays and configures TCP/IP protocol settings. Without additional parameters displays the IP address, subnet mask and default gateway for everyone network interfaces. With the "/all" parameter, in addition to the above, the MAC addresses of network interfaces, host name, addresses are displayed DNS servers and WINS and some other information. Formal syntax: ipconfig | /renew [adapter] | /flushdns | displaydns /registerdns | /showclassid adapter | /setclassid adapter [set_dhcp_class_code]].

The "/flushdns" option flushes the cache of resolved DNS names.

The "/displaydns" option displays a cache of resolved DNS names on the screen.

The "/release [adapter]" parameter releases the IP address leased via DHCP (Dynamic Host Configuration Protocol) (if an adapter is specified, then only for this adapter, otherwise for all adapters).

The "/renew [adapter]" parameter requests a DHCP lease renewal of the EP address (if an adapter is specified, then only for this adapter, otherwise for all adapters).

The "/registerdns" parameter requests that the DHCP lease of all addresses be renewed and they be re-registered in DNS.

route utility

The route utility displays the route table and allows you to change it. Formal syntax: route [-f] [-p] [command [node]] [gateway] . When using route, the “metric” parameter determines the quality of this route (in hops - the number of intermediate routers, the time it takes for a packet to travel along communication lines, the reliability characteristics of the communication line on this route, etc.) in accordance with the criterion specified in the network packet (i.e. n. class of service).

The "PRINT" command prints the route table: network address; netmask; gateway address; interface; metric, the "ADD" command allows you to add a new route, "DELETE" - delete a route, "CHANGE" - change an (existing) route).

netstat utility

The netstat utility displays current connections, ports, pending connections, and TCP/IP protocol statistics. Without additional parameters, a list of current connections is displayed (protocol: TCP or UDP; local address and port; external address and port; connection status). Formal syntax: netstat [-a] [-e] [-n] [-s] [-p name] [-r] [interval]

The "-a" option additionally displays the ports waiting for connections; listening TCP ports are indicated by the "LISTENING" state, and UDP ports are indicated by the external address

The "-n" option requires all addresses and port numbers to be listed in numeric format, since by default netstat tries to resolve IP addresses and names and replace the port number with its name.

The "-r" parameter displays the route table (network address; netmask; gateway address; interface; metric). Similar information can be obtained using route utilities.

The -e option allows you to get Ethernet statistics.

The "-s" option displays statistics for the TCP, UDP and IP protocols.

Parameter "-e"<протокол>" is used in conjunction with the "-s" option to limit the statistics output to the specified protocol (TCP, UDP or IP).

nbtstat utility

The nbtstat utility displays protocol and current TCP/IP connection statistics when using NetBIOS over TCP/IP technology. Formal syntax: nbtstat [-a Host] [-A IP address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [interval].

The -c option allows you to view the contents of the resolved name cache.

The "-n" parameter allows you to view a list of local NetBIOS names registered by this computer.

Parameter "-a"<имя remote computer>" displays the contents of the name table for the remote computer specified by name.

Parameter "-A" " displays the contents of the name table for a remote computer specified by IP address.

The "-r" option allows you to view name resolution statistics.

The "-interval" parameter specifies cyclic output of statistics at a specified interval in seconds (stop output - Ctrl+C).

15.3 Necessary equipment- IBM PC-compatible computer, connected
connected to a computer network using an Ethernet network card.

15.4 Work procedure. Checking the functionality of the network connection using standard Windows utilities. In this case, you should check that at least one DNS server address is specified correctly (recommended, for example, 192.190.241.65) when setting up the network software, otherwise it will be impossible to match the IP address to the specified domain name. Typical tasks are:

View and analyze the settings of the TCP/IP protocol stack using the ipconfig utility.

Testing the network connection using the ping utility (the final address is indicated by the teacher - it could be, for example, the IP address of the local Proxy server, the address of one of the machines on the network, Domain name some node on the Internet, etc.).

Tracing the route of packets to a given node using the tracert utility.

Display and change the MAC and IP address mapping storage table using the arp utility.

View current network connections, ports, TCP/IP statistics using the netstat utility.

Displaying protocol statistics and current TCP/IP connections when using NetBIOS over TCP/IP with the nbtstat utility.

Displaying and changing the route table using the route utility (the teacher can specify changes or additions to routes).

2.5 Preparation of a work report. The report indicates the parameters of the network used (PC type, MAC and IP addresses of the network card, type and number of switch ports, local network topology).

When using the ping, tracert or pathping utilities, it is necessary to note the packet transmission time (usually the average), the number and proportion of lost packets (using this to draw a conclusion about the correct operation of each intermediate router).

Using netstat utilities it is necessary to fix the assignment of TCP and UDP ports of the PC name, local address and their state (parameter "-a"). General exchange statistics can be obtained using the "-e" parameter; using the "-s" parameter, you should record and analyze statistics for all protocols of the TCP/IP stack (including

When using the nbtstat utility, the first step is to view the NetBIOS name tables on local computer(parameter "-n") and then on other computers on the network (parameters "-a" or "-A").

When using the route utility (with the PRINT parameter for display), both the list of interfaces and the list of active routes are viewed. Deleting a route is achieved by entering route DELETE node (where node is the IP address of the node being removed from the route), adding - route ADD node MASK mask gateway METRIC metric IF interface (where node is the IP address of the node being added, mask is the mask value, gateway is IP -gateway address, metric - metric value of the added route, interface - network interface number can be omitted, then the most suitable one for the specified gateway is selected).

TCP/IP based networks contain a large number of convenient utilities and commands that allow you to monitor the network status and diagnose emerging problems (Table 7.1).

The ping utility is one of the main diagnostic tools in TCP/IP networks and is included with all modern network operating systems. The ping functionality is also implemented in some embedded OS routers; access to ping results for such devices via the SNMP protocol is defined by RFC 2925 (Definitions of Managed Objects for Remote Ping, Traceroute, and Lookup Operations).

Since the program uses ICMP and creates raw packets, superuser rights are required to run it on Unix systems. To allow regular users to use ping, set the SUID bit in the permissions on /bin/ping (chmod4755 /bin/ping and ask an administrator to run this command). Example of running the ping utility:

Example. Launch ping.

%ping -c 3 fpm2.ami.nstu.ru

PING fpm2.ami.nstu.ru (217.71.130.131): 56 data bytes

64 bytes from 217.71.130.131: icmp_seq=0 ttl=57 time=5.458 ms

64 bytes from 217.71.130.131: icmp_seq=1 ttl=57 time=3.088 ms

64 bytes from 217.71.130.131: icmp_seq=2 ttl=57 time=1.927 ms

Fpm2.ami.nstu.ru ping statistics ---

3 packets transmitted, 3 packets received, 0.0% packet loss

round-trip min/avg/max/stddev = 1.927/3.491/5.458/1.469 ms

Table 7.1

Utility (command)

Purpose

Examples of using

Used to send ECHO requests to a specified host. A simple but indispensable network diagnostic tool

ping -c 7 saturn

Used to determine the route packets will take from your host to a specified host

traceroute -I fpm2.ami.nstu.ru

Configures or displays host network interface parameters (for TCP/IP stack protocols)

Displays information about network connections, statistics on network interfaces, etc.

Displays or modifies the ARP (IP to MAC Address Resolution) protocol table

Displays various information about the system

Same as ifconfig, but for Windows XP

Same as traceroute, but for Windows XP

tracert tom.interface.nsk.su

The traceroute utility is designed to determine data routes in TCP/IP networks. It sends data to a specified network node, while displaying information about all intermediate routers through which the data passed on the way to the target node. In case of problems when delivering data to any node, the program allows you to determine which part of the network the problem occurred on.

traceroute is included with most modern networks. operating systems. On Microsoft Windows systems this program is called tracert, and on GNU/Linux systems – traceroute.

To determine intermediate routers, traceroute sends a series of packets to the target node, each time increasing the value of the TTL field ("time to live") by 1. This field usually specifies the maximum number of routers that a packet can traverse. The first packet is sent with a TTL of 1, so the first router sends back an ICMP message indicating that the data could not be delivered. Traceroute records the router's address, as well as the time between sending the packet and receiving the response (this information is displayed on the computer monitor). Then traceroute resends the packet, but with a TTL of 2, which allows the first router to pass the packet on.

The process is repeated until the packet reaches the target node at a certain TTL value. When a response is received from this node, the tracing process is completed.

On the destination host, an IP datagram with TTL = 1 is not discarded and does not generate ICMP messages like expired, but should be given to the application. Reaching the destination is determined as follows: the tracerouted datagrams sent contain a UDP packet with a destination UDP port number (greater than 30000) that is definitely not used on the destination host. At the destination, the UDP module, receiving such datagrams, returns ICMP "port unreachable" error messages. Thus, to know that it has terminated, traceroute only needs to detect that an ICMP error message of this type has been received.

Example on Windows:

C:\Documents and Settings\dnl>tracert fpm2.ami.nstu.ru

Example: Result of running tracert command

Route tracing to fpm2.ami.nstu.ru

with a maximum number of jumps of 30:

1 2 ms 1 ms 1 ms ifgate.interface.nsk.su

2 2 ms 1 ms 2 ms cisco.n-sk.ru

3 1 ms 1 ms 1 ms router.n-sk.ru

4 2 ms 1 ms 1 ms nsk-ix.n-sk.ru

5 2 ms 1 ms 1 ms c7120.nstu.ru

6 2 ms 2 ms 1 ms ix-i.nstu.ru

7 2 ms 3 ms 1 ms ami.nstu.ru

8 2 ms 3 ms 1 ms fpm2.ami.nstu.ru

Tracing is complete.

The program is launched from command line. To do this, you must enter it (Start - Run - In the “Open” column, write “cmd”, click OK). In the window that opens, write:

tracert fpm2.ami.nstu.ru

where tracert is a call to the program, and fpm2.ami.nstu.ru is a symbolic name (DNS name) or IPv4 address.

Example in Linux:

In Unix/Linux systems, there are modes in which the program can only be launched as the superuser root (administrator). These modes include the important ICMP tracing mode (the -I switch).

In all other cases (including in the default mode) traceroute can work on behalf of a regular ordinary user (on the fpm2 and Saturn servers, it is prohibited to use the-I key, so the information displayed on the screen will be incomplete).

Example. Result of running the traceroute command

%traceroute -I saturn.ami.nstu.ru

traceroute to saturn.ami.nstu.ru (217.71.130.153), 64 hops max, 60 byte packets

1 ifgate (195.62.2.1) 1.262 ms 1.258 ms 1.138 ms

2 cisco.n-sk.ru (195.62.0.93) 2.798 ms 1.629 ms 1.903 ms

3 router.n-sk.ru (195.62.1.49) 1.232 ms 1.175 ms 1.170 ms

4 nsk-ix.n-sk.ru (195.62.1.80) 1.567 ms 1.446 ms 1.579 ms

5 c7120.nstu.ru (217.71.128.237) 1.771 ms 1.659 ms 1.582 ms

6 ix-i.nstu.ru (217.71.128.70) 2.040 ms 1.593 ms 1.753 ms

7 ami.nstu.ru (217.71.131.2) 2.996 ms 2.718 ms 1.612 ms

8 saturn.ami.nstu.ru (217.71.130.153) 4.268 ms 3.108 ms 2.051 ms

Comment. The traceroute utility is also used for educational purposes, for example, to determine why packets take so long to travel between providers within the same city. It turned out that the packets were not transmitted through an internal traffic exchange point, but through a city on another continent. In a report on laboratory work, it is advisable to present a similar case for Novosibirsk.

We will use the ifconfig utility not to configure network interfaces, but for educational purposes to obtain information about the state of active network interfaces. To do this, being on a specific host, we execute the ifconfig utility without parameters (options) and analyze the results.

The netstat utility is used to determine the state of network data structures. You can view the router tables on your machine, detailed information about the different protocols used, etc. With the option -i this command displays information about the network interfaces on your machine.

Usage example netstat commands(for SunOC operating system):

name MTU Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis Queue

le0 1500 solar sun 7442667 27558 736826 33 125361 0

lo0 536 loopback localhost 1283 0 1283 0 0 0 ,

Where name– network interface name;

lo0– a loopback interface (or “stub”) used to test network protocols;

MTU -(Maximum Transmition Unit) the size in bytes of the maximum data packet supported by this interface. For Ethernet MTU=1500, for FDDI – 4428, for lo0 – 536;

Net/Dest– purpose of the network. This name, the value of which can be obtained from the Network Number, can be set in the /etc/networks file;

Address– machine name (the -n option also allows you to display the IP address);

Ipkts/Ierrs– number of received packets and number of errors;

Opkts/Oerrs– the same for outgoing packets;

Collis– number of collisions that occurred. A quantity called the collision rate is calculated as (Collis/Opkts)*100. A coefficient of 0...2% is considered good, at 3...5% you can start to worry, but if it is more than 5%, things are very bad;

Queue– the number of packets waiting to pass through the interface. In most cases there are no such packages.

An example of using the netstat utility for Linux:

Bash-3.2$ netstat -i

Kernel Interface table

Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg

eth0 1500 0 173351491 0 0 0 156580779 0 0 0 BMRU

eth1 1500 0 183024 0 0 0 247635 0 0 0 BMRU

lo 16436 0 547246 0 0 0 547246 0 0 0 LRU

Lecture 13 Network diagnostics

Lecture 13

Topic: Network diagnostics

A. Network administrators who shape the network environment (the vast minority).

b. Network users who are forced to master this environment and live in it.

The second category, due to its numerical superiority, is capable of asking so many questions that the first, even being equally numerous, could not answer. The questions can be simple, for example: “Why isn’t email working?” (although it is known that for the second day the entire computer center was cut off due to non-payment). There are also complex ones: “How to reduce response delay if the channel is overloaded?”

The number of computer networks is increasing exponentially, the number of large (>10 PCs) and multi-protocol networks (802.11, 802.16, 802.17, etc.) is growing. As the network grows, its maintenance and diagnostics become more complicated, which is what the administrator faces at the first failure. It is most difficult to diagnose multi-segment networks where PCs are scattered across a large number rooms located far apart from each other. For this reason, the network administrator should begin to study the features of his network already at the phase of its formation and prepare himself and the network for future repairs.

If an emergency situation occurs, the administrator must be able to answer a number of questions:

There is a hardware or software problem;

The failure is caused by program corruption, incorrect configuration choices, or operator error.

Network diagnostics is the process of obtaining and processing information about the state of the network.

Documenting the network

You need to start with comprehensive documentation of the hardware and software of the network. The administrator should always have at hand a network diagram that corresponds to the real situation at the moment, and detailed description software configuration indicating all parameters (physical and IP addresses of all interfaces, masks, names of PCs, routers, MTU values, MSS, TTL and other system variables, typical values ​​of RTT and other network parameters measured in different modes.).

Within a local network, troubleshooting is possible by temporarily dividing it into parts. As the network becomes more integrated into the Internet, such simple measures become insufficient or unacceptable. But we should not neglect such by simple means, as checking for a break or short circuit in the network cable.

It should be remembered that network diagnostics are the basis of network security. Only an administrator who knows everything about what is happening on the network can be sure of its security.

The lecture will assume that the network at the physical level uses the Ethernet standard, and for inter-network communication the TCP/IP protocol (Internet). This list provides variety network environments is not exhausted, but many techniques and software diagnostic tools can be successfully used in other cases. Most of the programs under consideration work in the UNIX environment, but there are analogues for other operating systems.

The source of diagnostic information can be a computer, its processor, network interface, operating system installed on the machine, network switches, routers, etc.

When moving to transmission standards of 1 and especially 10 Gbit/s, additional problems arise. Processing such streams for diagnostic purposes can significantly slow down the machine. Similar problems arise when building IPS/IDS systems, as well as anti-virus programs. However, this problem is also becoming severe due to the fantastic growth in the number of signatures (millions) of attacks and viruses. One way to solve the problem is to use hardware, as well as organize several processing threads, which is quite realistic for machines with several processors.

Diagnostic software

There are many publicly available specialized diagnostic software products on the Internet: Etherfind, Tcpdump, netwatch, snmpman, netguard, ws_watch.

Such tools are also included in the delivery of most standard network packages for MS-DOS, UNIX, Windows NT, VMS and others: ping, tracetoute, netstat, arp, snmpi, dig (venera.isi.edu /pub), hosts, nslookup, ifconfig, ripquery. The diagnostic programs listed above are essential tools for debugging programs that send and receive packets.

OS diagnostic commands

Table 1.

Team name Purpose

arp Displays or modifies the ARP (IP to MAC address translation) protocol table

chnamsv Used to change the configuration of the name service on the computer (for TCP/IP)

chprtsv Changes the print service configuration on a computer client or server

gettable Gets computer tables in NIC format

hostent Directly manipulates computer address correspondence records in the system configuration database

hostid Sets or displays the identifier of this computer

hostname Sets or displays the name of this computer

htable Converts computer files into a format used by network library programs

ifconfig Configures or displays parameters of computer network interfaces (for TCP/IP protocols)

ipreport Generates a packet route report based on the specified route file

iptrace Provides packet route tracking at the interface level for Internet protocols

lsnamsv Displays DNS database information

lsprtsv Displays information from the network print service database

mkhost Creates a PC table file

mknamsv Configures the PC client name service (for TCP/IP)

mktcpip Sets the required values ​​for running TCP/IP on the computer

namerslv Directly manipulates name server records for a local DNS program in the system configuration database

netstat Displays network status

no Configures network options

rmnamsv Removes TCP/IP name service from the host

rmprtsv Removes the print service on a client or server machine

route Used for manual manipulation of route tables

ruptime Displays the status of each computer on the network

ruser Directly manipulates records in three separate system databases that regulate external computer access to programs

securetcpip Enables network security

setclock Sets the time and date for a computer on the network

slattach Connects serial channels as network interfaces

timedc Sends information about the timed daemon

trpt Performs protocol implementation tracking for TCP sockets

In order to diagnose a network situation, it is necessary to understand the interaction of its various parts within the framework of the TCP/IP protocols and have some understanding of the operation of Ethernet.

Networks that follow Internet guidelines have local server names (DNS, RFC-1912, -1886, -1713, -1706, -1611-12, -1536-37, -1183, -1101, -1034-35; numbers printed in bold correspond to document codes containing descriptions standards), which serves to convert the symbolic name of a network object into its IP address. Typically this machine is based on UNIX OS.

The DNS server maintains a corresponding database that stores a lot of other useful information. Many PCs have SNMP residents (RFC-1901-7, -1446-5, -1418-20, -1353, -1270, -1157, -1098) serving the management MIB database (RFC-1792, -1748-49 , -1743, -1697, -1573, -1565-66, -1513-14, -1230, -1227, -1212-13), the contents of which will also help you learn a lot of interesting things about the state of your network. The Internet ideology itself presupposes rich diagnostics (ICMP protocol, RFC-1256, 1885, -1788, -792).

Using the ICMP protocol

The ICMP protocol is used in the most popular diagnostic program, ping (included in almost all network packages). A possible form of calling this program is:

ping<имя или адрес ЭВМ или другого объекта>[package size] [number of parcels]

In various implementations, the ping program has many different options that allow you to measure statistical characteristics of the link (for example, loss), determine the delay on the link (RTT), display the packets sent and the responses received, and determine the route to the point of interest. Ping is used to determine service provider availability, etc.

Below is an example of using the tracetoute command, which is largely equivalent to ping (but based directly on IP using the appropriate options):

traceroute kirk.Bond.edu.au

The traceroute program sends three packets with increasing TTL values; if a response to the packet is not received, the * character is printed. Long delays(RTT) in the above example are determined by satellite communication channels (signal propagation time to the satellite!).

In order to properly respond to emergency situations, you need to have a good understanding of how the network should work under normal conditions. To do this, you need to study the network, its topology, external connections, software configuration of central servers and peripheral PCs. It should be borne in mind that changing the configuration is usually the privilege of the system administrator and in any doubtful cases you should contact him. Unskilled actions when reconfiguring a system can have catastrophic consequences.

Using DNS for diagnostic purposes

As noted above, one of the most important parts of any Internet node is the name server (DNS). The DNS server configuration is determined by three files: named.boot, named.ca and named.local. Zone information is contained in the named.rev file, and local domain information is contained in the named.hosts file. Debugging, monitoring and diagnostics of the DNS server is carried out using the nslookup (or dig) programs.

The DNS server is a very important node object; the speed of servicing requests and the reliability of the system as a whole depend on it. It is for this reason that, in addition to the main one, any node has several secondary DNS servers.

The ifconfig program is used to monitor the status of network interfaces, configure and test them. This command assigns an IP address, subnet mask, and broadcast address to the interface.

Application of NETSTAT

One of the most informative commands is netstat (for a comprehensive description of options and methods of application, I refer you to the documentation for your network software).

This command can give you information about the state of the interfaces on the PC where it is executed: netstat -i

Recently, several comprehensive (publicly available) diagnostic packages have appeared (NetWatch, WS_watch, SNMPMAN, Netguard, etc.). Some of these packages allow you to build graphical model the network being tested, highlighting the working computers in color or using a variation of pictures. Programs that use the SNMP protocol check the availability of the SNMP daemon through a special request, determine the operability of the computer using the ICMP protocol, and then display variables and data arrays from the MIB control database (if this database has a public access level). This can be done automatically or at the request of the operator. The SNMP protocol allows you to monitor variations in the load of individual network segments with UDP, TCP, ICMP, etc. packets, recording the number of errors for each of the active interfaces. To solve this problem, you can use an appropriate program that regularly queries the MIB of the computers you are interested in, and the resulting numbers are entered into the appropriate data bank. If an emergency occurs, the network administrator can view variations in flows in network segments and identify the time and cause of the system failure. Similar data can be obtained using a program that switches the Ethernet interface to the mode of receiving all packets (mode=6). Such a program allows receiving data on all types of packets circulating in a given cable segment.

Of particular interest may be the ttcp diagnostic program, which allows you to measure some characteristics of TCP or UDP exchanges between two nodes.

When networks move to the gigabit speed range, in particular to 10 Gbit/s, difficulties arise in monitoring the state of the network.

Under diagnostics It is generally accepted to understand the measurement of characteristics and monitoring of network performance indicators during its operation, without interrupting the work of users.

Network diagnostics is, in particular, measuring the number of data transmission errors, the degree of load (utilization) of its resources or the response time of application software.

Testing- this is the process of actively influencing the network in order to check its performance and determine potential transmission capabilities network traffic. As a rule, it is carried out to check the condition cable system(quality compliance with standard requirements), find out the maximum throughput or evaluate the response time of application software when changing settings network equipment or physical network configuration.

Troubleshooting the network using hardware.

Conventionally, equipment for diagnostics, troubleshooting and certification of cable systems can be divided into four main groups:

1. Instruments for certification of cable systems, performing all necessary tests for certification cable networks, including determination of attenuation, signal-to-noise ratio, impedance, capacitance and resistance.

2. Network analyzers are the reference measurement tools for diagnosing and certifying cables and cabling systems. Network analyzers contain a high-precision frequency generator and a narrow-band receiver. By transmitting signals of different frequencies into the transmitting pair and measuring the signal in the receiving pair, line attenuation and line characteristics can be measured.

3. Cable scanners allow you to determine cable length, attenuation, impedance, wiring diagram, electrical noise level and evaluate the results. To determine the location of a cable system fault (break, short circuit, etc.), the “cable radar” method, or Time Domain Reflectometry (TDR), is used. The essence of this method is that the scanner emits a short electrical pulse into the cable and measures the delay time before the reflected signal arrives. The polarity of the reflected pulse determines the nature of the cable damage ( short circuit or break). In a correctly installed and connected cable there is no reflected pulse.

4. Testers (ohmmeters) are the simplest and cheapest devices for cable diagnostics. They allow you to determine the continuity of the cable, however, unlike cable scanners, they do not indicate where the failure occurred. Checking the integrity of communication lines is carried out by sequential “dialing” twisted pairs using an ohmmeter.

Connection personal computer to local network

The first thing you need to do is make sure that the network card of your computer/laptop is working and that there is installed drivers. Another important detail required for a local network is a switch (switch) and the network cable itself. Instead of a switch, you can use a Wi-Fi router. But the number of ports will be limited, but as a bonus there will be access to the Internet.

Connecting to the local network occurs in the following sequence.

Network cable are connected to the switch and the computer’s network card. Next, the computer and switch turn on. The OS will boot, during about the same time the switch router will blink, and you can start setting up network parameters: you need to go to “Control Panel” – “View network status and tasks” – “Change adapter settings” – “RMB” – “Properties” – “Configure the computer’s IP address” – “Internet Protocol version 4” – “Properties”. Enter the IP address in the format “192.168.YYY.ХХХ”. Click on the network mask once, it will be installed automatically. Please note that the last two blocks of numbers and the network mask must match the addresses of the network to which the connection is being configured. For example, if the network is “192.168.1.ХХХ”, then “1” is the subnet number, and “ХХХ” is any number from 1 to 254. After setting, you need to click “OK”.

Next you need to install working group, this is necessary to display the computer in the appropriate group. In an office, for example, in the “Accounting” group there will be working machines only from the “Accounting” department. Next, you need to go to the properties of “My Computer” - “Change Settings”. In the system properties, click “Change” to join the computer to the workgroup. Enter the computer name and workgroup. Click “OK” and restart the PC for the changes to take effect.

Another connection option is wireless. This method is only suitable when Wi-Fi available router. For this you will need Wi-Fi adapter(for installation inside or USB port) and Wi-Fi router. You need to connect the adapter. The system will automatically recognize it, install drivers for it, or ask you to insert a driver disc. An icon will appear in the system tray next to the clock. wireless network. Next, you need to click on it, a list of networks available for connection will appear, in which you need to find yours and connect. In this case, you just need to install home group, the IP address will be assigned automatically. The laptop already has built-in LAN card and Wi-Fi adapter.

Connecting a personal computer to the Internet

To connect your computer to a PC, you must do the following: “Start” – “Control Panel” – “Network and Internet” – “Network and Sharing Center” – “Changing adapter settings” – “ Network connections» – “Local Area Network Connection” – “RMB” – “Properties” – “Network” – “Internet Protocol Version 4 (TCP/IPv4)” – “Properties”. In the next window, you need to check the boxes next to the “Obtain an IP address automatically” and “Obtain DNS server address automatically” functions.

Connecting your computer to a wireless Wi-Fi networks, you need to do the following: go to “Network and Sharing Center” – “Connect to a network”. A window will pop up on the right showing the network connection settings. You need to make sure that the airplane mode is not active - it should be turned off. Below will be a list available connections. You need to select a network and connect. You can also check the box next to “Connect automatically” - the computer will automatically connect to this network if it is available. Typically, checking the network requirements requires you to enter a password, but sometimes there is free Wi-Fi.

Studying the enterprise automated control system

Automated control system(abbreviated as ACS) - a complex of hardware and software, as well as personnel intended to manage various processes within the technological process, production, enterprise. ACS are used in various industries, energy, transport, etc. The term “automated”, in contrast to the term “automatic”, emphasizes the retention of certain functions by the human operator, either of the most general, goal-oriented nature, or not amenable to automation. ACS with a decision support system (DSS) are the main tool for increasing the validity of management decisions.

The most important task of the automated control system is to increase the efficiency of facility management based on increased labor productivity and improved methods of planning the management process. Distinguish automated systems management of objects (technological processes - automated process control system, enterprise - automated control system, industry - automated control system) and functional automated systems, for example, design of planned calculations, logistics, etc.

IN general case, the control system can be considered as a set of interconnected management processes and objects. The general goal of control automation is to increase the efficiency of using the potential capabilities of the control object. Thus, a number of goals can be identified:

providing the decision maker (DM) with relevant data for decision making;

acceleration of individual operations for collecting and processing data;

reducing the number of decisions that the decision maker must make;

increasing the level of control and performance discipline;

increasing management efficiency;

reducing the costs of decision makers for performing auxiliary processes;

increasing the degree of validity of decisions made.

The ACS includes the following types support: information, software, technical, organizational, metrological, legal and linguistic.

Main classification criteria, which determine the type of automated control system, are:

sphere of operation of the control object (industry, construction, transport, Agriculture, non-industrial sphere, etc.);

type of controlled process (technological, organizational, economic, etc.);

level in the public administration system.

The AC functions are set to terms of reference to create a specific automated control system based on an analysis of management goals, specified resources to achieve them, the expected effect of automation and in accordance with the standards that apply to this type of automated control system. Each ACS function is implemented by a set of task complexes, individual tasks and operations. The functions of the automated control system generally include the following elements(actions):

planning and (or) forecasting;

accounting, control, analysis;

coordination and (or) regulation.

The required composition of elements is selected depending on the type of specific automated control system. The functions of the automated control system can be combined into subsystems according to functional and other characteristics.

And it is an inspection of the created network for its compliance accepted standards. A serious and competent approach to LAN testing provides a guarantee of long-term, stable and full-fledged work local network and allows you to minimize work in accordance with such an important stage as network diagnostics.

LAN testing includes the following steps:

  • checking cable channels
  • inspection of working units
  • switching equipment testing

At the inspection stage cable channels the integrity of the cable, the correct location of the cable harnesses, as well as the location of the cable routes relative to interference sources and the compliance of the cable system with the requirements of the standards are checked. Inspection of workplaces reveals the correctness of cable laying near the socket modules, as well as the presence of markings. Testing of switching equipment determines the current state of the network for compliance with documentation.

Based on the testing results, a report is drawn up - a document containing conclusions about technical condition LAN and a list of recommendations for troubleshooting identified problems, current operation and ways to develop and modernize the network in the future.

LAN diagnostics and means of its implementation

LAN diagnostics is an important component of local network administration and is the process of finding faults that slow down the operation of the software and the network as a whole. The latter can be divided into three main groups:

Physical layer faults are associated with the failure of network devices and components. Overloads occur due to the inability of network devices to cope with the volume of requests coming to them. Errors in the operation of protocols lead to problems in the interaction of network devices with each other.

To carry out high-quality LAN diagnostics, many different diagnostic tools have been developed around the world to quickly determine the causes of network failures. In area network diagnostics In particular, specialized equipment is used, such as network protocol analyzers, network monitoring devices, cable and network testers, as well as specialized testing equipment. software. Thus, a physical malfunction can be detected using simple testers that check the operation of the channel, and instrumental diagnostics of errors associated with overloads and incorrect work network protocols, is carried out using network testers and protocol analyzers.

A significant part of the above devices have sufficient high price, and this is one of the main reasons to use LAN diagnostic services third party companies already have at their disposal this equipment. In addition, even if you decide to purchase such equipment and diagnose the LAN of your enterprise, as they say, “without leaving the cash register,” it is not at all a fact that your staff System Administrator will successfully cope with such a task: after all, experience and intuition, unlike cable testers, cannot be bought.

Flylink company specializes in the development, installation and LAN testing, as well as diagnostics and maintenance for several years. We have the most advanced equipment and technologies at our disposal, and numerous positive reviews Our clients are confirmed by the highest qualifications of our specialists and the quality of the work performed.