[ Pobierz całość w formacie PDF ]
.Multiple retransmissions could be due tointermittent/marginal/bad links and paths, congestion, or busy devices.Connectionless protocols, on the other hand, do not establish a connection prior to sendingdata.In other words, a device using a connectionless protocol sends or receives data to orfrom its counterpart(s), hoping that the other device is reachable, active, and ready toreceive or send data.An example of this behavior can be observed when using the TFTP (Trivial File TransferProtocol) application layer member of the TCP/IP protocol suite.TFTP can be used toupload or download files to or from a TFTP server.The syntax of this application layerprotocol requires you to enter the address of the TFTP server and the name of the file youwish to download or upload to or from the TFTP server.Upon entering the correct TFTPcommand and appropriate parameters (for example, for uploading), the data is sent to therequested destination.If the destination is unreachable, or it is merely not available, the datadelivery fails and the action has to be repeated.The TFTP application relies on the UDPprotocol member of the TCP/IP suite, which is a connectionless/best effort (unreliable)transport layer protocol.You might ask, why would anybody use a connectionless/unreliable protocol? The answer to this question is that since connectionless protocols haveless overhead, they are faster, and also less demanding of network resources.Whentroubleshooting connectionless protocols, look for failing transactions (such as file transferfailing); these could be due to bad routes, access control configurations, congestion, orother conditions making the path between end devices faulty.78 Chapter 3: Identifying Troubleshooting TargetsUnderstanding Protocol Connection TroubleshootingTargetsIn order for a connection between two hosts to be successfully established, all the lowerlayer protocols must be in working order.For example, a transport layer protocol cannotestablish a connection unless the physical layer, data link layer, and network layer areconfigured and performing properly.You must also keep in mind that in a lot of cases thetrouble experienced may not be due to a single cause.This situation is more likely in a large(multi-hop), multi-protocol, and multi-vendor environment.In the following sections,connection sequences of TCP/IP, IPX/SPX, and AppleTalk are presented, in order to helpyou understand troubleshooting targets in cases where users (client devices) are havingtrouble making connections to a server.TCP Connection SequenceIn this section the sequence of steps involved for a host (host A) to make a TCP connectionto a remote host (host B) is presented, based on Figure 3.1.Figure 3-1 TCP Connection SequenceARPRouting Routingtable tableWANHostBHostAARP ReplyTCP SYNTCP SYN, ACKTCP ACKIf the remote host (host B) must be accessed using its name, host A needs to have a workingname resolution method.For example, PCs running Microsoft Windows software can usea DNS, Wins, LMHOSTS file, HOSTS file, or NetBIOS broadcast to resolve a name to anIP address.Routers can use a DNS or an IP host table for name-to-IP-address resolution.The show ip arp Command 79Once host B s IP address is discovered by host A, host A must gather a MAC address forthe frame (i.e., device) via which it shall send the first IP packet (encapsulating the TCPSYN segment) to host B.If the IP address of host B falls within the subnet that host A isconnected to, host A simply performs a local ARP to obtain host B s MAC address.However, since host A and host B are on remote networks in this example, host A will eitherARP for the local router s IP address (if host A has the local router s interface IP address asits default gateway), or it will ARP for host B s address, hoping that a local router will reply.A local router will reply to the ARP request for host B s IP address if all of the followingapply:" The local router s interface is configured with IP proxy-ARP enabled." The router can route (forward) the IP address of host B." The local router has not learned about host B s network via the interface on which itis hearing the ARP request.Host A submits the first TCP segment (SYN) to host B via the local router, which in turnmight forward the packet to the next router, and so on, all the way to host B.Please notethat the term segment in this context refers to the transport layer protocol data unit(PDU) i.e., do not confuse TCP s segment with a network or subnetwork.If host B is configured to respond favorably to the TCP segment (SYN) received from hostA, it will perform similar functions in order to send the TCP reply segment (SYN, ACK)back to host A.It is worthwhile mentioning that in many cases a packet may correctly getforwarded to a remote device, but the remote device is not able to send the response back(the return path is not working).Host A will send the third TCP segment (ACK) to host B, and once host B receives thatsegment, the TCP connection between host A and B is established.Host A and B can now send data to each other, back and forth.After data transmissions complete, the connection between host A and host B is terminated.The show ip arp CommandAddress Resolution Protocol (ARP) is a network layer member of the TCP/IP protocolsuite.After an outbound interface is selected by IP routing process, a frame with anencapsulation appropriate for that interface must be formed.An important and necessaryfield of the frame is its destination MAC address.If the outbound interface is a LANinterface (such as Ethernet), ARP discovers a MAC address to be used for the outgoingframe through a broadcast-based request.The request includes the IP address for which theARP process is attempting to find a MAC address.If no reply is received, frame delivery(and naturally the intended IP packet delivery) fails and an appropriate ICMP message isgenerated
[ Pobierz całość w formacie PDF ]