Chapter 11: Design Efficient Networked

Systems
Chapter 11 - Sections & Objectives
 11.1 Network Design
• Explain how a small network of directly connected segments is created, configured, and
verified.
• Identify the devices used in a small network.
• Identify the protocols used in a small network.
• Explain how a small network serves as the basis of larger networks.
 11.2 Network Security
• Configure switches and routers with device hardening features to enhance security.
• Explain why basic security measures are necessary on network devices.
• Identify security vulnerabilities.
• Identify general mitigation techniques.
• Configure network devices with device hardening features to mitigate security threats.
Chapter 11 - Sections & Objectives (Cont.)
 11.3 Basic Network Performance
• Use common show commands and utilities to establish relative performance baseline for
the network.
• Use the output of the ping command to establish relative network performance.
• Use the output of the tracert command to establish relative network performance.
• Use show commands to verify the configuration and status of network devices.
• Use host and IOS commands to acquire information about the devices in a network.
 11.4 Network Troubleshooting
• Troubleshoot a network.
• Describe common network troubleshooting methodologies.
• Troubleshoot cable issues and interface issues.
• Troubleshoot issues with devices in the network.
11.1 Network Design
Design Efficient Networked Systems
Small Network Topologies  The majority of businesses are small and
typically require small networks
consisting of a single router with one or
more switches and possibly one or more
wireless access points. The business
might also have IP phones.
• For the Internet connection, the router will
normally have a single WAN connection
using DSL, cable, or an Ethernet
connection.
 Managing a small network is similar to
managing a large network:
• Maintenance and troubleshooting of
existing equipment
• Securing devices and information on the
network
Design Efficient Networked Systems  Regardless of the size, all networks
Device Selection for a Small require planning and design to ensure
that all requirements, cost factors, and
Network deployment options are considered:
• Cost – The cost of a switch or router is
determined by its capacity and
features.
• Speed and Types of Ports/Interfaces –
Choosing the number and types of
ports on a router or switch is an
important decision.
• Expandability – Networking devices
come in both fixed and modular
physical configurations for
expandability and flexibility.
• Operating System Features and
Services – Features and services
should be considered including:
security, QoS, VoIP, Layer 3 switching,
NAT and DHCP.
Install Windown 10
Install window server 2016
Install dhcp service on windows server
Design Efficient Networked Systems
Bandwidth

 The term bandwidth has a number of technical meanings but since the popularization of the
internet, it has generally referred to the volume of information per unit of time that a transmission
medium (like an internet connection) can handle.
 Bandwidth is typically expressed in bits per second, like 60 Mbps or 60 Mb/s, to explain a data
transfer rate of 60 million bits (megabits) every second.
 https://www.lifewire.com/what-is-bandwidth-2625809
Design Efficient Networked Systems
Bandwidth

 How Much Bandwidth Do You Have? (& How Much Do You Need?)

 Check your bandwidth on the lab PC.

 https://www.lifewire.com/internet-speed-test-sites-2626177

 Can you answer these questions:

 What do you think the expected average load should be for college/home;

 How would you calculate an anticipated peak load;

 local internet availability;

 Cost constraints, throughput.

 Review this web address: https://blog.storagecraft.com/bandwidth-constraintsand-bdr/

 Choose the Internet call of the company, download upload, ... use video conference, domestic and
foreign countries, how many people
Design Efficient Networked Systems
Users

 Quality expectations, concept of system growth.

 Considering your home experience of broadband services;

 What is your view of quality?

 Growth of network?

 The most important consideration of any new network is the user (from the users point of view)

 The budget is most important from the companies point of view

Design Efficient Networked Systems
Users
 Questions to consider

 Are the users trained and capable? Or will they create problems due to lack of knowledge and
experience?
 How many users are going to be able to use the network and importantly how many at the same
time?
 When will their peak access occur? And how important is speed of access?

 What is the maximum capacity of the planned network before delays are experienced?
Design Efficient Networked Systems
 IP addressing space must be planned
IP Addressing for a Small Network when implementing a small network.
 All hosts within an internetwork must have
a unique address.
 Different types of devices will factor into
the IP design including:
• End devices for users
• Servers and peripherals
• Hosts that are accessible from the Internet
• Intermediary devices
 Planning and documenting the IP
addressing scheme helps administrators
track device types. For example, if all
servers are assigned a host address in the
range of 50-100, it will be easier to identify
server traffic by their IP address.
Design Efficient Networked Systems
Redundancy in a Small Network
 Reliability is another important element of network
design - a network failure can be costly
 The figure to the left represents a Data Center
network.
 There are 4 types of redundancy in this figure:
• Redundant servers
• Redundant links
• Redundant switches
• Redundant routers
 A server, link, switch, or router could fail and the
network would continue to function.
Design Efficient Networked Systems  The types of traffic and how they
Traffic Management should be handled should be
considered and prioritized in the
network design.
 Routers and Switches in a small
network should be configured to
support real-time traffic such as voice
and video. For example:
• Voice  High Priority
• Video  High Priority
• SMTP  Medium Priority
• Instant Messaging  Normal Priority
• FTP  Low Priority
 Network traffic should be classified
according to priority in order to
enhance productivity of employees
and minimize network downtime.
Small Network Applications and Protocols  There are two forms of software programs
Common Applications or processes that provide access to the
network:
• Network Applications – The software
programs used to communicate over the
network. Some end-user applications are
network aware, and are able to
communicate directly with the lower layers of
the protocol stack. Examples include email
clients and web browsers.
• Application Layer Services – Other programs
need the assistance of application layer
services to use network resources such as
fire transfer or network print spooling.
 Each application or network service uses
protocols, which define the standards and
data formats to be used to format and direct
data.
Small Network Applications and Protocols  Most network professionals work with
Common Protocols network protocols which support the
applications and services used by
employees in a network.
 The figure on the left lists some common
network protocols that are used in most
networks – including small networks.
 Each of these network protocols define:
• Processes on either end of a communication
session.
• Types of messages
 DNS – Service that provides the IP address of a website
• Syntax of the messages
or domain name so a host can connect to it without
using the numerical IP address. • Meaning of information fields
• How messages are sent and the expected
 DHCP Server – Service that assigns an IP address,
response
subnet mask, default gateway and other information to
clients so they don’t have to enter them manually. • Interaction with the next lower layer
Small Network Applications and Protocols
Voice and Video Applications  Businesses today are increasingly
using IP telephony and streaming
media to communicate with
customers and business partners.
 A network administrator must
ensure that the network can
support these applications and
services including a supporting
infrastructure with appropriate
switches and cabling.
 VoIP devices convert analog
signals into digital IP packets. After
the signals are converts into IP
packets, the router sends those
packets between corresponding
locations.
Small Network Applications and Protocols
Voice and Video Applications (Cont.)
 In IP Telephony, the IP phone itself
performs the voice-to-IP conversion.
Voice-enabled routers are not required
within a network with an integrated IP
telephony solution. IP Phones use a
dedicated server for call control and
signaling.
 Real-time Applications – the network
must be able to support applications that
require delay-sensitive delivery. Real-
Time Transport Protocol (RTP) and Real-
Time Transport Control Protocol (RTCP)
are two protocols that support this
requirement.
Design Efficient Networked Systems
Communications

 Suited to devices,

 suited to users,

 supportive of lifestyle desires,

 supportive of commercial requirements,

 security requirements,

 quality of service needs.

Scale to Larger Networks  The network administrator must allow for
Small Network Growth growth for small businesses and their
networks.
 Ideally, the network administrator has
enough lead time to allow the network to
grow in-line with the growth of the
company.
 To scale a network, the following are
required:
• Network documentation – physical and
logical topology
• Device inventory – list of devices that use or
comprise the network
• Budget – itemized IT budget, including fiscal
year equipment purchasing budget
• Traffic analysis – protocols, applications,
and services along with their traffic
requirements should be documented
Scale to Larger Networks
Protocol Analysis  As a network grows, it is very important
to understand the type of traffic that is
crossing the network as well as the
traffic flow.
 A protocol analyzer is the primary tool
used for this. It can also help identify
any unknown traffic and its source.
 To determine traffic flow patterns:
• Capture traffic during peak utilization
times.
• Perform the capture on different network
segments since some traffic will be local
to particular segments.
 The analysis of traffic patterns can be
used to help make decisions on how to
manage the traffic for efficiency.
Scale to Larger Networks
 In addition to understanding changing
Employee Network Utilization traffic trends, a network administrator
must also be aware of how network use is
 Examples of processes running in the Windows changing.
operating system  A network administrator has the ability to
obtain in-person IT “snapshots” of
employee application utilization over time.
This information can help the network
administrator adjust network resources as
necessary. These snapshots typically
include:
• OS and OS Version
• Non-Network Applications
• Network Applications
• CPU Utilization
• Drive Utilization
• RAM Utilization
11.2 Network Security
Security Threats and Vulnerabilities
 Computer networks are essential to
Types of Threats everyday activities. Individuals and
organizations depend on their computers
and networks.
 An intrusion by an unauthorized person
can result in costly network outages and
loss of work.
 Attacks on a network can be devastating
and can result in a loss of time and
money.
 Intruders can gain access to a network
through software vulnerabilities, hardware
attacks, or something as simple as
password guessing – these intruders are
called hackers.
Security Threats and Vulnerabilities
 Four types of threats might occur:
Types of Threats (Cont.) • Information Theft – Occurs when someone
breaks into a computer for the purpose of
stealing confidential information.
• Data Loss and Manipulation – This is
breaking into a computer to destroy or
alter data records. An example of data
loss: a virus that reformats a person’s hard
drive. An example of data manipulation:
breaking into a system to change the price
of an item.
• Identity Theft – This is a form of
information theft where personal
information is stolen for the purpose of
stealing someone’s identity.
• Disruption of Service – This is preventing
legitimate users from accessing services
to which they should be entitled.
Security Threats and Vulnerabilities
 The physical security of network devices
Physical Security is an equally important security
vulnerability to manage.
 There are four classes of physical threats
that must be dealt with:
• Hardware threats – physical damage to
servers, routers, switches, cabling plant,
and workstations
• Environmental threats – temperature
extremes (too hot or cold) or humidity
extremes
• Electrical threats – voltage spikes,
insufficient supply voltage (brownouts),
unconditioned power and power outages.
• Maintenance threats - poor handling of
key electrical components (electrostatic
discharge), lock of critical spare parts, and
poor labeling.
Security Threats and Vulnerabilities  Vulnerability is the degree of weakness
Types of Vulnerabilities which is inherent in every network and
device and includes: routers, switches,
desktops, servers, and security devices.
 Typically, servers and desktop computers
are the devices under attack.
 There are three primary vulnerabilities that
can lead to various attacks. Here are some
examples
• Technological – Weaknesses within insecure
protocols, Operating System and network
equipment weaknesses.
• Configuration – Unsecured user accounts,
system accounts with easily guessable
passwords, misconfigured network equipment.
• Security policy – Lack of a written security
policy, inadequate monitoring and auditing of
the network and resources.
Network Attacks  Malware or malcode is short for malicious
software – software or code that is designed
Types of Malware to damage, disrupt, steal, or inflict damage on
data, hosts, or networks.
 Viruses, worms, and Trojan horses are
examples of malware.
• Viruses – Type of malware (executable file)
that is propagated by inserting a copy of itself
into and becoming a part of another program.
It spreads from computer to computer.
• Worms – Very similar to viruses, but do not
require a host program. Worms are standalone
software programs that take advantage of
system features to trave; through the network.
• Trojan horses – Users are typically tricked into
loading and executing this malware on their
systems. They usually create back doors to
give malicious users access to the system.
Network Attacks  In addition to malicious code attacks,
networks can also fall prey to various network
Reconnaissance Attacks attacks. There are three major categories of
network attacks:
• Reconnaissance attacks – the discovery and
mapping of systems, services, or
vulnerabilities
• Access attacks – the unauthorized
manipulation of data, system access, or user
privileges
• Denial of Service – the disabling or corruption
of networks, systems, or services
 In a Reconnaissance attack, a hacker could
use either nslookup or whois to determine
the IP addresses assigned to an entity. Once
they have the IP address, they can use fping
to ping a range of IP addresses to see who is
responding. Once they know what IP
addresses are responding, they could use
nmap to see which ports are listening.
Network Attacks  Access attacks exploit known vulnerabilities in
Access Attacks authentication services, FTP services, and
web services to gain entry to web accounts,
confidential databases, or access other
resources. There are four classes of access
attacks:
• Password attacks – Hackers can use several
methods including: brute-force attacks, Trojan
horse programs, and packet sniffers.
• Trust Exploitation – An attacker can access a
target system by taking advantage of a trust
relationship between the target system and one
that is compromised.
• Port Redirection – A hacker installs software on
an compromised host and uses that host to
access a target host on a different port.
• Man-in-the-middle – An attacker inserts himself
in the middle of a conversation. A common type
is a Phish email that a victim clicks a link on in
their email.
Network Attacks
 Denial of Service (DoS) attacks prevent
Denial of Service Attacks authorized people from using a service by
using up system resources such as disk
space, bandwidth, and buffers. The attack
can be caused by resource overload or
malformed data.
 DoS attacks are the most publicized and the
most difficult to eliminate. Here are some
examples of DoS attacks:
• Ping of Death – An attacker sends a
malformed or a very large ping packet.
• SYN Flood – An attacker sends multiple SYN
requests to a web server. The web server
waits to complete the TCP three-way
handshake. A valid user tries to send a SYN
request to the web server, but the web server
is unavailable
Network Attacks
Denial of Service Attacks (Cont.) • DDoS – an Attacker uses many
intermediate hosts, called zombies,
to launch an attack on the victim host
or server. The intermediate hosts
used to launch the attack are usually
infected with malware giving control
to the attacker.
• Smurf attack – an ICMP-based attack
where an attacker broadcasts a large
number of ICMP packets using the
victim’s source IP address. The
zombie hosts reply to the target
victim in an attempt to overwhelm the
WAN link to the destination.
Network Attack Mitigation
Backup, Upgrade, Update, and Patch
• Keeping up-to-date with the latest
developments is a critical part of
network security and defending
against network attacks.
• As new malware is released,
enterprises need to keep current
with the latest versions of antivirus
software.
• The most effective way to mitigate
worm or other attacks is to
download security updates from the
operating system vendor and install
patches on all vulnerable systems.
• The use of a central patch server to
install critical patches automatically
is a very useful solution to this
issue.
Network Attack Mitigation
Authentication, Authorization, and Accounting
• Authentication, authorization,
and accounting (AAA) network
security services provide the
framework to set up access
control on a network device.
• AAA is used to control who is
permitted to access a network
(authentication), what they
can do while they are there
(authorize), and what did they
do when they were accessing
the network (accounting).
Network Attack Mitigation • Firewalls are one of the most effective security tools
Firewalls available for protecting users from external threats.
• Network firewalls reside between two or more
networks, control the traffic between them and help
prevent unauthorized access. Host-based firewalls
or personal firewalls are installed on end systems.
• Firewalls use various techniques for determining
what is permitted or denied:
• Packet filtering – Prevents or allows access based on IP
or MAC addresses
• Application filtering – Prevents or allows access by
specific application types based on port numbers
• URL filtering – Prevents or allows access to websites
based on specific URLs or keywords
• Stateful packet inspection (SPI) – Incoming packets
must be legitimate responses to requests from external
hosts. Traffic coming in through the firewall from the
outside must originate from the inside network unless
specifically permitted.
Network Attack Mitigation
Endpoint Security
• An endpoint, or host is an individual
computer system or device that acts as a
network client.
• Common endpoints include: laptops,
desktops, servers, smartphones, and
tablets.
• A company must have a well-documented
policy in place that employees must follow
since securing endpoint devices is one of
the most challenging jobs of a network
administrator.
• The policy should include the use of
antivirus software and host intrusion
prevention.
Device Security • When a new operating system is installed on
a device, the security settings are set to the
Device Security Overview default values.
• This usually leads to a security threats and
• Locking down your router: the default settings including passwords
should be changed.
• System updates and security patches should
be installed.
• For Cisco routers, the Cisco AutoSecure
feature can be used to assist in securing the
system.
• Here are some simple steps that should be
taken to most operating systems:
• Default usernames and passwords should be
changed immediately.
• Access to system resources should be restricted to
only those who need those resources.
• Unnecessary services and applications should be
turned off, disabled, and uninstalled if possible.
Device Security • Strong passwords are critical in
protecting network devices.
Passwords • Here are some password guidelines to
follow:
• Use a password of at least 8 to 10 characters
– preferably 10 or more. The longer the better.
• Password should be complex. Include a mix
of uppercase, lowercase, numbers, symbols,
and spaces if allowed.
• Do not use passwords based on repetition,
common dictionary words, letter or number
sequences, usernames, relative or pet names,
biographical information or any easily
identifiable information.
• Deliberately misspell words in your
passwords.
• Change your passwords often.
• Never write down your passwords and leave
where anyone can find them.
• Use passphrases when possible.
Device Security
• In order to ensure that all configured
Basic Security Practices passwords are a minimum length, use
• Use the global configuration command service the security passwords min-length
command in global configuration mode.
password-encryption to encrypt passwords in the
configuration file and prevent unauthorized individuals • Hackers frequently use a brute-force
from viewing plain text passwords. attack to decrypt encrypted passwords.
Block excessive login attempts to a
device if a set number of failures occur
within a specific amount of time using
the command login block-for 120
attempts 3 within 60
• This command will block login attempts for
120 seconds if there are three failed login
attempts within 60 seconds
• Setting the exec timeout on a router will
automatically disconnect users if they
have been idle for the duration of the
timeout value.
Device Security
Enable SSH • When a
11.3 Basic Network
Performance
The ping Command
 The use of the ping command is a very
Interpreting Ping Results effective method to test for network
connectivity to a particular host, server, or
device – it is an important first step in
troubleshooting a network failure.
 The ping command uses the Internet
Control Message Protocol and verifies
layer 3 connectivity.
 A ping issued from the IOS, such as a
Cisco router, will yield several indicators.
The most common are:
• ! – indicates receipt of an ICMP echo
message. This is what you want to see.
• . – indicates a time expired while waiting for an
ICMP echo reply message
• U – an ICMP unreachable message with
received
The ping Command
Extended Ping  The Cisco IOS offers an
“extended” mode of the ping
command which will give you more
options as shown in the figure to
the left.
 This mode is entered by typing
ping in privileged EXEC mode,
without a destination IP address –
just type ping and press ENTER.
 The example in the figure to the
left demonstrates how to force or
change the source IP address.
This is very useful when
troubleshooting.
The ping Command
Network Baseline  Establishing a network baseline is one
of the most effective tools for
monitoring and troubleshooting network
performance.
 Creating an effective baseline is
accomplished by measuring
performance at various times over a
period of time.
 One method that can be used is to
copy and paste the results from a ping,
trace, or other relevant commands into
a text file with a time stamp.
 Corporate networks should have
extensive baseline statistics using
professional-grade software tools
The traceroute and tracert Command
Interpreting Trace Messages  A trace returns a list of hops as a
packet is routed through a network.
Each router is a hop.
 When using windows, use the tracert
command.
 When performing a trace from a router
CLI, use the traceroute command.
 A “Request timed out” response
indicates that the router did not
respond. It is possible that there is a
network failure, or the routers were
configured to not respond to echo
requests used in the trace.
The traceroute and tracert Command
Extended Traceroute  The extended traceroute command is a
variation that will allow the network
administrator to adjust parameters related
to the command.
 This command is very useful when
troubleshooting routing loops,
determining the exact next-hop router, or
determining where packets are getting
dropped by a router, or denied by a
firewall.
 The extended traceroute command can
be useful in locating the problem. To use
the command, type traceroute and press
ENTER.
 While ping sends icmp packets,
traceroute sends IP packets with a TTL
value (30 by default).
Show Commands
Common show Commands Revisited
 Network technicians use show
commands extensively for verifying
the configuration and operation of a
device or for troubleshooting
purposes.
 Common show commands include:
• show running-config
• show interfaces
• show arp
• show ip route
• show protocols
• show version
Host and IOS Commands
The ipconfig Command

 On a Windows computer, the IP

address of the default gateway can be
viewed by using the ipconfig
command.
 The ipconfig /all command can be
used to view the MAC address as well
as other important details regarding the
Layer 3 addressing of the device.
 The ipconfig /displaydns command
displays all of the cached DNS entries
on a Windows computer system.
Host and IOS Commands
The arp Command
 On a Windows computer, the arp -a
command lists all devices currently
stored in the ARP cache of a
particular host.
 The IPv4 address, physical
address, and the type of
addressing (static/dynamic) is
displayed for each device.
 The arp cache can be cleared using
the command arp-d
Host and IOS Commands
 The Cisco Discovery Protocol (CDP) is
The show cdp neighbors Command a Cisco-proprietary protocol that runs
at the data link layer that allows
adjacent Cisco devices to learn about
each other – even without Layer 3
connectivity.
 When a Cisco device boots up, CDP
starts by default. CDP automatically
discovers neighboring devices running
CDP.
 CDP provides the following information
about each CDP neighbor: device
identifiers, address list, port identifier,
capabilities list, and platform.
 The show cdp neighbors detail
command will show you the IP address
of a neighboring device.
Host and IOS Commands
The show ip interface brief Command
 One of the most frequently used
commands to verify interface
configuration and status of all
interfaces is the show ip interface
brief command.
 This command provides a more
abbreviated output than the show ip
interface command and provides a
summary of the key information for all
of the network interfaces on a router.
 The command displays various
information including the IP address
assigned to each interface and the
operational status of the interface.
Debugging
The debug Command
 IOS processes, protocols, mechanisms
and events generate messages to
communicate their status.
 These messages can provide valuable
information when troubleshooting or
verifying system operations.
 The IOS debug command, entered in
privileged EXEC mode, allows the
administrator to display these message
in real-time for analysis.
 It is possible to narrow the output of
the debug command to include only
the relevant feature or sub-feature that
is needed.
Debugging  Connections to grant access to the
IOS command line interface can be
The terminal monitor Command established locally or remotely.
• Local connections require physical
access to the router or switch using
a cable.
• Remote connections using SSH or
Telnet are made using the network
and require a network protocol such
as IP to be configured.
 Debugging long messages are sent
to the console by default and not to
virtual lines.
 To display log messages on a
terminal or virtual console, use the
privileged EXEC command:
terminal monitor and terminal no
monitor to turn it off.
Systems monitoring
 Network monitoring is the use of a system that constantly monitors a computer network for slow or

failing components and that notifies the network administrator (via email, SMS or other alarms) in

case of outages or other trouble. Network monitoring is part of network management

11.4 Network
Troubleshooting
Troubleshooting Methodologies
 Technicians must be able to analyze
Basic Troubleshooting Approaches the cause of the network problem
before they can resolve the issue.
 This process is called
troubleshooting.
 A common and efficient method is
based on the scientific method and
can be broken down into six steps
shown in the figure to the left.
 How many devices on the network
are experiencing the problem?
• If it’s one device, start troubleshooting
at that device.
• If it’s all devices, start troubleshooting
at the device where all of those
devices are connected.
Troubleshooting Methodologies
 In some cases, it may not be
Resolve or Escalate? possible to resolve the network
problem immediately and may
need to be escalated if it
requires a manager’s decision.
 For example, after
troubleshooting, the technician
discovers that a router module
needs to be replaced. This
problem should be escalated for
the manager’s approval since it
might require a financial
commitment.
Troubleshooting Methodologies
Network Access Layer Issues
The output from the show interfaces command is useful for detecting common media issues. One of
the most important parts of this output is the display of the line and data link protocol status, as
shown in the example.
The first parameter (FastEthernet0/18 is up) refers to the hardware layer and indicates whether the
interface is receiving a carrier detect signal. The second parameter (line protocol is up) refers to the
data link layer and indicates whether the data link layer protocol keepalives are being received.
Based on the output of the show interfaces command, possible problems can be fixed as follows:
• If the interface is up and the line protocol is down, a problem exists. There could be an encapsulation type mismatch, the
interface on the other end could be error-disabled, or there could be a hardware problem.
• If the line protocol and the interface are both down, a cable is not attached, or some other interface problem exists. For
example, in a back-to-back connection, the other end of the connection may be administratively down.
• If the interface is administratively down, it has been manually disabled (the shutdown command has been issued) in the
active configuration.
Troubleshooting Methodologies
Network Access Layer Issues (Cont.)
The show
interfaces command output
displays counters and
statistics for the
FastEthernet0/18 interface,
as shown here:
Configure Switch Ports
Network Access Layer Issues (Cont.)
Some media errors are not severe enough to cause the circuit to fail but do cause network performance
issues. The table explains some of these common errors which can be detected using the show
interfaces command.
Error Type Description

Input Errors Total number of errors. It includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts.
Packets that are discarded because they are smaller than the minimum packet size for the medium.
Runts
For instance, any Ethernet packet that is less than 64 bytes is considered a runt.
Packets that are discarded because they exceed the maximum packet size for the medium. For
Giants
example, any Ethernet packet that is greater than 1,518 bytes is considered a giant.
CRC errors are generated when the calculated checksum is not the same as the checksum
CRC
received.
Sum of all errors that prevented the final transmission of datagrams out of the interface that is being
Output Errors
examined.
Collisions Number of messages retransmitted because of an Ethernet collision.

Late Collisions A collision that occurs after 512 bits of the frame have been transmitted
Troubleshooting Methodologies
Verify and Monitor Solution  The Cisco IOS includes powerful
tools to help with troubleshooting
and verification such as:
 ping – can be used to verify
successful network connectivity
 traceroute – displays the path that
packets are using to reach a
destination and may show where the
packet stopped along the way
 Show commands including show ip
int brief which will show a
summarized view of the interfaces
on a device
 https://www.cisco.com/en/US/docs/i
nternetworking/troubleshooting/guid
e/tr1904.html
Troubleshoot Cables and Interfaces
 In data communications, duplex refers to
Duplex Operation the direction of the data transmission
between two devices such as a router and
a switch.
• Half-duplex – the data is restricted to one
direction at a time
• Full duplex – the data can go both
directions at the same time
 For the best communication performance,
two connected Ethernet network interfaces
must have matching duplex configurations.
• They must both be set to full or half.
• Ethernet autonegotiation was designed to
help with this configuration, but could lead
to problems if one side is set to auto and
the other is not.
Troubleshoot Cables and Interfaces
 Duplex mismatch issues are difficult
Duplex Mismatch to troubleshoot since the
communication between devices still
occurs, but is usually much slower.
• ping might not detect the problem.
• A ping could be successful even
though there is a mismatch
 The Cisco Discovery Protocol (CDP)
can detect a duplex mismatch
between two Cisco devices as
shown in the figure to the left.
 These log messages are only
displayed on a console or on a
remote connection if the terminal
monitor command is enabled.
Troubleshooting Scenarios
 IP address-related problems will likely
IP Addressing Issues on IOS Devices cause connectivity issues.
 Since IP addresses are hierarchical,
any IP addresses assigned to a
network device must conform to that
network’s range of addresses.
 Two common causes of incorrect IPv4
assignments are: manual
misconfiguration or DHCP-related
issues.
 If a mistake is made during the
assignment, communication issues
with the device will likely occur.
 Use the command show ip interface
brief to verify what IPv4 addresses are
assigned to network interfaces.
Troubleshooting Scenarios
 On a Windows-based machine, when
IP Addressing Issues on End Devices the device can’t contact a DHCP
server, Windows will automatically
assign the device to the
169.254.0.0/16 range to allow it to
communicate within the local network.
 Normally, this is an indication of a
problem, and a device assigned with
this address/range will not be able to
communicate with other devices in the
network.
 Most end devices are configured with
DHCP for automatic IPv4 address
assignment.
 Use the ipconfig command to verify
the IP address assigned to a Windows-
based computer.
  The default gateway for an end device
Troubleshooting Scenarios
is the closest networking device that
Default Gateway Issues can forward traffic to other networks –
usually a router.
 Without a valid default-gateway
address, a host will not be able to
communicate with devices outside of it’s
local network.
• The default gateway for a host should
belong to the same network as the end
device.
• The default gateway can be set manually or
obtained from a DHCP server.
 Use the ipconfig command to verify the
default gateway on a Windows-based
computer.
 Use the show ip route command to
verify that the default route has been
set.
Troubleshooting Scenarios
 Domain Name Service (DNS) is used
Troubleshooting DNS Issues to match names, such as,
www.cisco.com, with numerical IP
 Use ipconfig /all to obtain DNS Server addresses.
Information on a Windows PC  This allows a user to enter
www.cisco.com on their web browser
instead of entering Cisco’s IP
address for their web server.
 If DNS is down, it may appear to
some users that the “network is
down”, when in reality, it might just be
that the DNS server is unreachable.
 DNS server addresses can be
manually entered or automatically
assigned using DHCP.