Summary of Info. on Network Troubleshooting Tools & Info.

From: Wayne Little (rwl@ee.umr.edu)
Date: Fri May 11 1990 - 14:58:48 CDT


A *long* time back, I posted the following note (text abbreviated):

> I would like to compile an informal manual for low level (ethernet/tcp-ip)
> troubleshooting using the standard tools available under SunOS (etherfind,
> traffic, netstat, etc). ... It also seems
> to me like there is a lot that can be done just with the standard tools.
>
> Assuming this hasn't been done, I am willing to compile submissions into some
> semblance of form/order and repost it to the net. ...
>
> Has this already been done?
>...

Well, the belated answer is *yes*, this already has been done and in grand form!
An FYI RFC, rfc1147 from the Network Working Group, Bob Stine editor, has just
been published. The title pretty much says it all:

"FYI on a Network Management Tool Catalog: Tools for Monitoring and Debugging
TCP/IP Internets and Interconnected Devices."

This catalog has a keyword index (9 pages worth) to all the tools described, &
each tool has a description which includes: NAME, KEYWORDS, ABSTRACT, MECHANISM,
CAVEATS, BUGS, LIMITATIONS, HARDWARE REQUIRED, SOFTWARE REQUIRED & AVAILABILTIY.

After the almost 100 tool descriptions, there is an appendix entitled "Network
Management Tutorial" which gives an overview of the practice of network
management, which includes some good basic guidelines for system monitoring,
fault detection and isolation, performance testing, configuration management
and security.

This can be retrieved via anonymous ftp from:
Hostname: nic.ddn.mil (192.67.67.20)
Filename: rfc:rfc1147.{txt,ps}

One other free document that I would highly recommend is Charles Spurgeon's
"Network Manager's Reading List: TCP/IP, UNIX and Ethernet." From the
introduction to the paper: "This is an annotated list of books and other
resources of use to network managers who are using TCP/IP, UNIX, and Ethernet
technologies. ... Each item in the list is annotated, and many items have
introductory material quoted to help indicate their scope and organization.
Access information is given for each item, and prices are included when
available. The prices listed here are culled from a variety of sources and
should be used only as a rough guide."

This is available in text (txt) and postscript (ps) format on the Rice
archives of sun-spots-digest (per sun-spots-digest Volume 9: Issue 110)
FTP: Hostname : titan.rice.edu (128.42.1.30)
        Directory: sun-source
        Filename : nmread.{txt,ps} [txt = ASCII text & ps = PostScript)
Archive Server Address: archive-server@rice.edu
Archive Server Command: send sun-source nmread.{txt,ps}
<and also from the source>
Hostname: emx.utexas.edu
Filename: network-reading-list.{txt,ps}
You may also retrieve a copy of the list by sending electronic mail to
"netinfo@emx.utexas.edu" with the string "send docs
network-reading-list.txt" (not including the quotation marks). The
postscript version may be retrieved with the "send postscript
network-reading-list.ps" command.

Finally, since the above 2 documents cover the material extensively & well, I
see no reason to rehash what they've done. However, in addition to the flood
of "please send what you get" notes, I did receive a few replies with some
useful information. I'll just include info. not covered in the above 2
references.

A Sun engineer sent me a list which explains sun ethernet interface
(ie0 & le0) related console errors in detail. I'm posting this separately
to sun-nets & sun-spots-digest.

Steve Miller contributed the following experiences & also recommended reading
the host requirements RFCs (RFCs 1122, 1123 & perhaps 1127 for perspective).

Symptoms: periodic 'if0: ethernet jammed' messages appear.
Command: etherfind -i if0 -braodcast -a arp -o -proto_icmp
Output: should show rwho and routing packets, and little else. If you get
        one or more ICMP Destination Unreachables or a lot of arp requests after
        a broadcast packet goes out, you've go a broadcast storm.
Resolution: make sure all hosts use the same network mask and broadcast address.

Symptoms: few in any.
Command: etherfind -i if0 -proto icmp
Output: should be pretty quiet. Some things to watch for are Destination
        Unreachables (with the port number pointing at someone's nameserver),
        other port unreachables (sometimes you'll get this for rwho packets),
        and general errors that don't seem like they should be there.
Resolution: various depending on the problem.

Thanks to:
an anonymous Sun engineer
Robert Enger (enger@sccgate.scc.com)
Steve Harris (uunet!etnibsd!vsh)
Steve Miller (steve@umiacs.UMD.edu
Bob Stine (stine@sparta.com)

My apologies for the belated reply; hope it helps,
-- Wayne Little Internet: rwl@ee.umr.edu Phone: (314) 341-4546
USPS: Univ. of Missouri-Rolla, EE Dept., Rolla, MO 65401
"A cheerful heart is good medicine, but a broken spirit dries the bones" Solomon



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:05:57 CDT