How to Troubleshoot External Network Issues
For new IT techs, troubleshooting external network issues may seem daunting. I can reassure you that this particular troubleshooting workflow is easy, though. So, let’s walk through how this process works. If you need hands-on videos, check out Knox Hutchinson’s Server+ course, too.
An Overview of External Network Troubleshooting
In this video, CBT Nuggets trainer Knox Hutchinson discusses troubleshooting external network issues. He explains three simple commands: ping, traceroute, and nslookup.
What are the Most Common Troubleshooting Steps?
When the internet is down, and you need to know why, there are three command-line tools that every IT tech depends on. Those are the ping, tracert, and nslookup commands, and these are their stories.
What is Ping Used For?
The ping tool determines whether a piece of hardware is responding to network requests. When you’re troubleshooting server networking issues, the ping command is your first stop.
Here’s how to use it. Open the command line in your OS. Then type ping followed by the IP address of the target:
Ping 192.168.0.2
If that device is reachable, the ping command will display feedback stating the TTL of the ICMP packet and how many milliseconds it took for the ping request to complete. If the target hardware is not reachable, the ping command will return a timeout error instead.
There’s a bit to unpack here.
My first step is to ping any device on the local network that is working. If ping works then I know my computer, the target device, and all hardware along that route are functioning. It should be noted this is not normal practice.
I’ve learned from the school of hard knocks, and one of those lessons is to always ensure the computer I am using is 100% working before troubleshooting. I can’t stress this enough. Learn from my mistakes.
Once your device is confirmed working, try pinging an IP address outside your network like 8.8.8.8. That is the IP address for Google’s DNS server. It is a reliable test.
If you can reach Google, start working your way down the network tree. Can you ping the network core? What about another device attached to the same switch as yourself? This process is like doing a binary search. Eliminate as many failure points as possible with each ping test.
Pro tip: The ping response states how many milliseconds it takes for the ICMP packet issued by the ping command to hit its target. The ping command will also issue itself multiple times. If the response time drastically changes, there’s a good chance there’s something else wrong with the network.
How to Use Tracert
I love the tracert command. It’s saved my bacon more times than I can count. So, what is it, and how does it work?
The tracert command builds on ping. When an ICMP packet is issued with ping, it is assigned a TTL. TTL stands for ‘time to live’. It’s not a measurement of time. TTL dictates how many hops a packet is allowed to take before it gives up trying to reach its target.
For example, let’s say that Google’s DNS server is 5 hops from your business. The TTL for the packet sent to Google is 3. When that packet reaches its third hop, it’s going to die (or, technically, that router will drop it) and never reach Google.
This is crucial for understanding how tracert works.
Tracert runs ping in a loop. The first packet has a TTL of 1. When that packet drops, it reports back. Then tracert sends another packet with a TTL of 2. And so forth. Tracert keeps sending new packets with incremented TTLs until it fails or reaches its target.
If tracert fails, then there is an issue with the route from your network to tracert’s target. If tracert fails inside of your local network, you’ll know which device to start investigating. If the test fails at the ISP level, then file a ticket with your ISP. If packets stop responding outside of the ISP’s network, then the issue is outside of your control.
How to Use Nslookup
If everything is responding with ping and tracert, then the issue is probably DNS. Nslookup is an excellent tool to test DNS, and It’s easy to use:
Nslookup google.com
If your DNS endpoint has a valid entry for Google.com, it will display all known IP addresses (both IPv4 and IPv6) for that domain. However, this only checks your device’s assigned DNS endpoint.
DNS is designed to fail gracefully. For instance, if your local DNS doesn’t have an entry for a specific domain, it reaches out to the next available DNS server (Eg. Your ISP’s DNS server).
Testing another DNS server is easy. First, enter nslookup in the command-line without any arguments. This will drop you inside the nslookup environment (like Node or PowerShell) where additional commands can be issued. Then enter the command ‘server’ followed by the target IP of the DNS server (Eg. Server 8.8.8.8). This will instruct nslookup to pull DNS records from that specific DNS server. Finally, enter the domain for the DNS record you want to pull.
Why is this helpful? First, we can verify that our local DNS is working. Next, we can verify that DNS records are correct. If the IP address for a domain in your local DNS doesn’t match Google’s DNS server, you might have a DNS problem.
delivered to your inbox.
By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.