Device Configuration Reviews
The process of reviewing the configuration files of network devices to identify any issues or changes that may be affecting network performance. This includes reviewing both the startup configuration (stored in NVRAM) and the running configuration (actively used by the device).
Routing Tables
A table that contains information about the routes in a network, including the destination network, next hop, and interface. Checking the routing tables on routers, layer three switches, and workstations/servers can help identify any routing issues that may be causing network problems.
Interface Status
The current status of a network interface, including information about duplexing, DHCP, collisions, and broadcast storms. Checking the interface status can help identify issues that may be affecting network connectivity.
VLAN Assignments
The practice of segmenting a network into separate virtual LANs (VLANs) based on user roles and responsibilities. VLAN assignments can be static (based on ports/interfaces) or dynamic (based on MAC addresses). Checking VLAN assignments can help ensure proper network segmentation and reduce the chance of broadcast storms.
Network Performance Baselines
A set of metrics used to define the normal working conditions of a network. Network performance baselines are used for comparison to identify changes in traffic patterns that may indicate network issues. They also help measure the impact of network changes and calculate return on investment.
Collisions
Occur when two hosts on a network transmit data at the same time, causing their signals to combine and become unreadable. Collisions can occur in both wired and wireless networks and can significantly impact network performance.
Broadcast Storms
A situation where a network becomes overwhelmed with broadcast traffic, causing network congestion and performance issues. Broadcast storms can occur due to network configuration issues or faulty network devices.
Collision Domains
Network segments connected by a shared medium or repeaters where collisions can occur. Smaller collision domains decrease the chance of collisions happening and can be achieved by using layer 2 devices like switches or bridges.
Show Interface Command
A command used to view the statistics and status of network interfaces. It can help identify issues such as collisions, deferred frames, late collisions, and excessive collisions.
Excessive Collisions
Occur when a device reaches the maximum number of retransmission attempts after experiencing collisions. After 16 attempts, the device gives up and drops the frame, resulting in excessive collisions.
Excessive collisions
The number of collisions that occur on a network, indicating a problem in the network.
Show controller ethernet
A command that can be entered on a network platform to display excessive collision counters.
Full duplex communication
Devices using simultaneous bidirectional communication on a shared ethernet segment, which can cause excessive collisions.
Half-duplex
A communication mode where data can only be transmitted in one direction at a time, used to overcome excessive collision issues.
Broadcast storm
Overwhelming a network with continuous multicast or broadcast traffic, causing network performance to decrease and potentially leading to a denial of service.
Broadcast domain
Logical division of a computer network where all nodes can reach each other using broadcast at the data link layer (layer 2).
Subnetting
Breaking up a large broadcast domain into smaller networks to reduce the number of broadcast packets generated by clients on the network.
DHCP requests
Requests for IP address assignment using the DORA process (Discover, Offer, Request, Acknowledge) in the DHCP protocol, which can cause a broadcast storm if there is a large volume of requests.
Loop prevention
Enabling BPDUs (Bridge Protocol Data Units) and limiting the number of MAC addresses per port to prevent unintentional loops and broadcast storms in a switching environment.
Packet counters
Monitoring packet counts to identify a potential broadcast storm if there is a rapid increase compared to the normal baseline.
Packet loss
Rise in packet loss on the network indicating a broadcast storm as network devices struggle to process the flood of packets.
Packet analyzer
Using tools like Wireshark or tcpdump to analyze network traffic and identify broadcast storms through the presence of rapidly growing broadcast packets.
Duplicate MAC addresses
MAC addresses assigned to network interface cards that are the same, causing network issues such as confusion for switches and network connectivity problems.
Duplicate IP addresses
IP addresses assigned to devices that are the same, resulting in connectivity issues at layer three.
Logical Domain Manager
A tool used to prevent duplicate MAC addresses in virtual machines by assigning and managing unique MAC addresses for each virtual machine.
Duplicate MAC Address
When the same MAC address is reported on two different ports, causing intermittent connectivity or non-responsiveness in devices.
Protocol Analyzer
A tool like Wireshark that captures and analyzes network traffic, including ARP traffic, to identify duplicate MAC addresses or IP addresses.
Port Security
A feature that allows only a single MAC address to be configured on a switch port, preventing duplicate MAC addresses from accessing the network simultaneously.
Duplicate IP Address
When a computer on the same network has the same IP address as another workstation or server, causing intermittent connectivity issues.
IP Address Conflict
Another term for duplicate IP address, which occurs when two devices have identical IP addresses on the same network.
Rogue DHCP Server
A DHCP server on the network that hands out the same IP addresses as the official DHCP server, causing duplicate IP address issues.
Routing Issues
Problems that can occur in networks, including multicast flooding, asymmetrical routing, and missing routes.
Multicast Flooding
When multicast traffic is flooded throughout the entire network due to no specific host being associated with the multicast MAC address.
Asymmetrical Routing
When network packets leave via one path and return via a different path, causing issues with security devices and dropped packet flows.
Missing Routes
When a router cannot reach a destination due to a missing route in the routing table, commonly caused by mistyped or improperly configured static routes.
Switching Loops
Occur when there are multiple paths between a source and destination device, causing broadcast storms and network congestion.
Spanning Tree Protocol (STP)
A protocol used to prevent switching loops by dynamically selecting and blocking redundant paths in a network.
Switch
A network device that connects multiple devices together and forwards data packets between them.
VLAN
A virtual LAN that allows for the segmentation of a physical network into multiple logical networks.
Route ID
The identifier for a specific route in a network.
Priority
The value used to determine the importance or preference of a route or device in a network.
Cost
The numerical value assigned to a route to indicate the expense or effort required to traverse it.
Bridge ID
The identifier for a bridge, which is a network device that connects multiple networks together.
Root port
The port on a switch that is designated as the primary path for forwarding traffic to the root bridge.
Designated port
The port on a switch that is designated as a secondary path for forwarding traffic.
Blocking state
The state in which a port on a switch does not forward traffic to prevent loops in the network.
Switching loops
Loops in a network that occur when data packets are continuously forwarded between switches, causing network congestion and inefficiency.
Routing loops
Loops in a network that occur when data packets are continuously forwarded between routers, causing network congestion and inefficiency.
Routing algorithm
The method used by routers to determine the best path for forwarding data packets.
Circular route
A route in a network that forms a loop, causing data packets to be continuously forwarded between network devices.
Routing protocols
Sets of rules and procedures used by routers to exchange information and make decisions about the best routes in a network.
Time to Live (TTL)
A value in the IP packet header that limits the lifespan of a packet and prevents it from circulating endlessly in a routing loop.
Split-horizon
A mechanism used in routing protocols to prevent a router from advertising a route back to the same router it learned it from.
Route poisoning
A technique used by routers to mark a failed route with an infinitely high metric, preventing it from being used in the routing table.
Hold-down timers
Timers used in distance vector routing protocols to prevent the reinstatement of a bad route for a certain period of time.
DHCP
Dynamic Host Configuration Protocol, a network management protocol used to automatically assign IP addresses and other communication parameters to devices on a network.
Rogue DHCP server
A DHCP server on a network that is not under the control of the network administrator and can cause network connectivity issues or security threats.
DHCP scope exhaustion
The condition where a DHCP server runs out of available IP addresses to assign to clients joining the network.
DHCP snooping
A technique used to improve the security of DHCP infrastructure by excluding rogue DHCP server traffic and removing malicious or malformed DHCP traffic from the network.
Port security
A feature on network switches that allows the administrator to restrict access to switch ports based on the MAC addresses of connected devices.
Intrusion detection system
A system that monitors network traffic for suspicious activity and alerts administrators of potential security threats.
IP settings
The configuration of an IP address, subnet mask, default gateway, and DNS server IP address on a network client.
VLAN settings
The configuration of virtual LANs, including assigning VLAN IDs and associating ports with specific VLANs.
IP address
A unique numerical identifier assigned to a device connected to a network.
Subnet mask
A number that defines the network portion and host portion of an IP address.
Default gateway
The IP address of the router that connects a local network to the internet.
Routing issue
A problem that prevents proper routing of network traffic.
Network ID
The base IP address of a network, obtained by applying the subnet mask to an IP address.
Broadcast
The highest address in a network, used to send data to all devices on the network.
DNS server
A server that translates domain names into IP addresses.
VLAN
A virtual LAN that allows for logical segmentation of a physical network.
Routing
The process of directing network traffic between different networks or VLANs.
Firewall
A network security device that filters and monitors network traffic based on established rules.
Network connectivity issues
These can be caused by three different situations: access to protected resources from unprotected networks, access to unprotected resources from protected networks, or access to the firewall and its configurations.
Troubleshooting method
To troubleshoot network connectivity issues, use the seven-step troubleshooting method and understand the OSI model to troubleshoot each layer.
Access Control List (ACL)
An ACL is a collection of permit and deny conditions that provide security by blocking unauthorized users and allowing authorized users to access specific resources.
Show access lists
This command is used to inspect the firewall rules on a network-based firewall and display the contents of the current access control list on a Cisco device.
ACL rule considerations
When writing or editing an ACL rule, be careful to avoid typos, verify the protocol and port numbers, verify the source and destination addresses, and ensure the correct order of rules.
Windows Defender Firewall
When dealing with software firewalls like Windows Defender Firewall, it's important to check not only the IP addresses and ports being blocked or allowed, but also the applications and services themselves.
DNS issues
DNS is used to match domain names with corresponding IP addresses. If network clients are unable to resolve domain names, it indicates a DNS issue.
Troubleshooting DNS
Determine if the issue is on a single client or a wider network issue. Verify connectivity between the client and DNS server, and flush the DNS cache or change the DNS server configuration if necessary.
DNS server troubleshooting
If the DNS server itself is not properly responding, verify the A records and CNAME records for proper creation and ensure correct spelling of domain names and IP addresses.
ANAME and CNAME records
Records used to verify domain name system (DNS) configurations.
nslookup command
A command used to verify ANAME and CNAME records in DNS.
Time to Live (TTL)
A setting in DNS records that determines how long the records will remain cached.
DNS cache
A temporary storage of DNS records on a device or server.
DNS latency
Delay in accessing DNS records due to the distance between the DNS server and the user.
Network Time Protocol (NTP)
A protocol used for time synchronization between devices in a network.
NTP packets
Packets used to synchronize time between devices using NTP.
MAC address
A unique identifier assigned to a network interface card (NIC) in a device.
IP address
A unique numerical label assigned to each device in a network.
Network performance issues
Problems that affect the speed and efficiency of a network.
CPU utilization
The percentage of CPU capacity being used by a network device.
Bandwidth utilization
The amount of network bandwidth being used by network communications.
Physical connectivity
The quality of physical connections, such as cables, between network devices.
DNS problems
Issues related to the domain name system, such as high DNS latency.
Optical link budget
Calculation of anticipated losses in a fiber optic connection.
Optical time domain reflectometer
A device used to measure losses and reflections in a fiber optic connection.
Optical link budget
The total amount of signal loss that a fiber optic circuit can tolerate before the signal becomes too weak to be detected by the receiver.
Loss of light signal
The decrease in the strength of the light signal due to factors such as distance, connectors, and splices in the fiber optic cable.