Network Troubleshooting Tools: A Book Review

by Jose Nazario

Networks are complex beasts, even when
it's only one type of system on the network. When you find yourself
in a heterogeneous network with lots of hosts and infrastructure
equipment, these problems grow exponentially. Tracking down
problems and resolving them can be a messy situation.Network Troubleshooting Tools by Joseph
Sloan is a book that outlines a great strategy and tools to fix and
keep networks up and running. By focusing on information
collection, before problems arise and during troubleshooting, we
can pinpoint, isolate and fix the problem more quickly. It is this
basic philosophy that the book succeeds with.This approach can be useful for other networking facets,
including capacity planning and performance evaluation. Through
clear, concise writing and the appropriate use of tools, we learn
how to peer into and understand networks.ContentsThe book is organized much like the OSI networking stack,
starting with the physical wiring and the data link layer, working
through the various protocols and ending with the application
layer. This approach mirrors the sensible approach to take to
troubleshooting. While it focuses on UNIX systems, Windows hosts
are also well covered using both built in tools and third party
tools.The first chapters outline the basic strategies of the book.
First, the it starts with a discussion of general principles and
the reasoning behind information collection and troubleshooting,
which we will build upon in later chapters. In the next chapter the
author focuses on information collection strategies. This should be
old hat to most modestly seasoned UNIX and network administrators,
but it's useful to review. Several tools, aside from
ifconfig and configuration files
are discussed, including lsof and
friends. These can be skimmed by an experienced networking
professional.The inventory and cataloging discussions at the beginning of
the book are very wise lessons to learn. Furthermore, the
discussion about cable labeling, which may seem obvious, is also
worth checking. As Sloan describes, a bit of work when you install
things can help save you later on when you have to fix or even add
capacity to a network.We then begin our journey up the networking stack. This
begins with a discussion of connectivity, including cabling and the
use of ping to test end to end connectivity. This chapter focuses
primarily on Ethernet networks and copper cabling, as opposed to
fiber optics. While not definitive in terms of connectivity
testing, the book does discuss some resources. The use of
ping is supplemented nicely with
other similar tools designed to test connectivity with other
protocols.This is a great segway into a really neat chapter on path
discovery and characteristics. While it may seem obvious to simply
use traceroute, there are, in fact
some subtle things to keep in mind about forward and reverse paths.
Also, bandwidth measurements and throughput tools are discussed.
Sloan's skillful explanations are really in good form here as he
discusses the impact of networking features on these
measurements.Next, we move on to packet capture and analysis. Two major
tools, tcpdump and ethereal, are described, including their
relative strengths and weaknesses along with tcpdump filter syntax.
Furthermore, several useful tools for tcpdump capture cleanup and
processing are described.Continuing, device discovery techniques are detailed, along
with several tools to do so. These can, of course, be useful in
monitoring your network's performance, as is discussed in the
following chapter. This section is a bit heavy on SNMP, which is a
bit limited in that not all hosts should run SNMP. Still, the tools
described are extremely useful.We return to a discussion of performance measurements, which
can be useful in designing a network as well as diagnosing a
problem device which is adversely affecting networking. This is
similar to, but really builds on, the earlier chapter where we
discussed path characteristics. Instead, we passively monitor
traffic and collect statistics, more or less building on the packet
capture information from before. Several well known and useful
tools are described, including ntop and MRTG.One of the neatest chapters in the book describes network
simulators and emulators to assist in the testing of protocol
connectivity. It's interesting to see how one can map a complex
network and learn about its working with only a simulation in front
of you, and tune various parameters to see the effects of your
actions.Of course, at the top of the OSI stack are application
specific protocols such as SMTP, HTTP and DNS. The use of high
powered tools such as dig are described, and even simple techniques
like

telnet host
80

to test a server are discussed.Some LimitationsDespite the fact that this book is a great practical
networking tome, it has a few limitations. Some discussion of fiber
optic cabling would have been nice, for example, as it's seeing
wider deployments these days.
The author expects the reader to be familiar and comfortable
with TCP/IP networking as well as Ethernet and either UNIX or
Windows. As such, the book can focus on what it needs to focus on
without condensing a networking tutorial into it, as well. This has
the disadvantage, however, of not being friendly to the networking
novice. As such, it has a less broad, but still large, target
audience.Surprisingly absent is a decent discussion on routing and the
impact it can have on network diagnostics. This also includes the
non-trivial use of "looking-glass routers" and their associated
information to determine larger network problems across a
WAN.An expanded discussion on application protocol diagnosis
would have been welcome. Additional protocols, as well as
additional options, would have made the section a bit more
satisfying. While this can, of course, grow huge due to the
complexity of these protocols, this would have been a bit more
welcome.Lastly, some real world case studies would have finished off
the book nicely. Various cases could easily illustrate the use of
various levels of troubleshooting and the real world application of
these tools and techniques.ConclusionsThis book is an awesome catalog of extremely useful
networking tools, with a complete reference at the end of the book
for the tools and where to find them. Furthermore, additional
reading and references are provided. This makes the book extremely
worthwhile even after you've digested the chapters.Furthermore, almost everyone will learn something from this
book, even seasoned networking professionals. Even if it's only
about a few tools designed to gather or process information, this
book has much to offer almost everyone in the networking
field.Because of this, Network Troubleshooting
Tools
is highly reccomended for the networking
professional. It's a good book to have on the shelf of any
operations center, and a great instruction manual for incoming
junior level staff.Information
and Resources
Jose Nazario is a biochemistry graduate student nearing the
completion of his PhD. Side projects include Linux and other UNIX
variants, software and security-related matters, and hobbies
outside of his office like fly-fishing and photography.

Load Disqus comments