transport layer protocols also have different timeout values by default and can be configured individually. This can mislead network engineers when troubleshooting, as discussed below.

Misconfiguration example
Figure shows a router with multiple configuration errors. The symptom presented is that neither Host A nor Host B can establish a reliable connection to download files from Server D using TFTP. Following the traffic flow, the network engineer checks the local network segment and finds nothing wrong. The access lists filtering outbound traffic are examined and no faults are found. The NAT process on the router is also building the appropriate translation for the outbound traffic, and the access list filtering inbound traffic has an entry to permit traffic from UDP port 69 on the TFTP server to any UDP port on the private IP addresses allocated to Hosts A and B. The engineer can ping Server D from both Hosts A and B and from Router C.

At this stage, the network engineer configures the deny ip any any log command to find out whether the traffic is returning from the TFTP server but is being blocked by the access list. The logged messages indicate that TFTP traffic from Server D is getting back to the router, but it is addressed to the IP address of the router serial interface being used as the NAT overload outside address. The network engineer corrects the problems with the ACL and tries another TFTP download. Host A can now establish a connection with Server D, but loses the connection when doing a large file transfer. There is no pattern as to the point during the transfer at which the connection is lost. The network engineer suspects that this may be a problem with UDP packets being lost in transit, but uses a protocol analyzer on the WAN link to make sure (installing the WAN protocol analyzer interrupts network communications, so the engineer waits until everyone has gone out to lunch). Results from the protocol analyzer show that the router is receiving more TFTP packets than it should. This means that there is a problem with the router.
Examining the router system log in greater detail, the network engineer finds some error messages stating that the router has ‘…received packets for which no translation exists…’. The network engineer examines the configuration of the router and notices the following block in the configuration script:

    ip nat translation udp-timeout 18
    ip nat translation dns-timeout 120
    ip nat translation tcp-timeout 3600
Assuming the first statement is an error, the network engineer replaces it with ip nat translation udp-timeout 180 and tests the file transfer again. The large file is transferred successfully and the problem is considered resolved. After updating the appropriate documentation, the network engineer removes the unnecessary additions to the network configuration, such as the WAN protocol analyzer and the deny ip any any log statement in the inbound ACL.
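To make the failure mode above concrete, here is an added example (not part of the curriculum and not IOS code): a simplified PAT table with the page's three per-protocol timeouts, treated as idle timeouts that any packet in either direction refreshes. The outside address 203.0.113.1, Host A's address 10.0.0.10 and the TFTP traffic pattern are all constructed; the model shows that once the server pauses longer than the 18-second UDP timeout, every later reply arrives addressed to the router's outside address with no translation, which is exactly the log message the engineer found.

```python
OUTSIDE_ADDR = "203.0.113.1"  # constructed: router serial interface (NAT overload outside address)
BROKEN = {"udp": 18, "dns": 120, "tcp": 3600}   # the timeout block found on the router
FIXED = {"udp": 180, "dns": 120, "tcp": 3600}   # after udp-timeout is corrected


class NatOverload:
    """Simplified PAT table (added example, not IOS code): (proto, inside addr, inside port)
    is mapped to a port on OUTSIDE_ADDR; an entry is refreshed by traffic in either
    direction and removed once idle longer than its protocol's timeout (assumed idle semantics)."""

    def __init__(self, timeouts):
        self.timeouts = timeouts
        self.table = {}         # (proto, out_port) -> [inside_ip, inside_port, last_seen]
        self.next_port = 1024
        self.untranslated = []  # inbound packets IOS would log as 'no translation exists'

    def _expire(self, now):
        for key, (_, _, seen) in list(self.table.items()):
            if now - seen > self.timeouts[key[0]]:
                del self.table[key]

    def outbound(self, now, proto, inside_ip, inside_port):
        self._expire(now)
        for (p, port), entry in self.table.items():
            if p == proto and entry[:2] == [inside_ip, inside_port]:
                entry[2] = now
                return OUTSIDE_ADDR, port
        port, self.next_port = self.next_port, self.next_port + 1
        self.table[(proto, port)] = [inside_ip, inside_port, now]
        return OUTSIDE_ADDR, port

    def inbound(self, now, proto, out_port):
        self._expire(now)
        entry = self.table.get((proto, out_port))
        if entry is None:   # reply addressed to the router's serial address, nowhere to send it
            self.untranslated.append((now, proto, OUTSIDE_ADDR, out_port))
            return None
        entry[2] = now
        return entry[0], entry[1]


def tftp_transfer(timeouts, pause_after, pause_len, blocks=40):
    """Model a TFTP download: one server data block per second, each ACKed by the client;
    the server stalls once before block `pause_after`. Returns blocks with no translation."""
    nat = NatOverload(timeouts)
    now = 0
    _, port = nat.outbound(now, "udp", "10.0.0.10", 40000)   # constructed Host A read request
    for block in range(1, blocks + 1):
        now += pause_len if block == pause_after else 1
        if nat.inbound(now, "udp", port) is not None:
            nat.outbound(now, "udp", "10.0.0.10", 40000)     # client ACK refreshes the entry
    return len(nat.untranslated)
```

With the 18-second value a 30-second stall before block 20 loses that block and all 21 that follow, because the client never ACKs and the retransmissions keep hitting the missing translation; with 180 seconds the same stall loses nothing.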
6.4 Troubleshooting Complex Network Systems

6.4.5 TCP load distribution with NAT

NAT on Cisco routers allows network engineers to provide TCP load distribution among hosts. A graphical representation of TCP load distribution is given in Figure . Steps to configure TCP load distribution with NAT are in Figure . Although TCP load distribution can improve the performance of some types of network transactions (such as accessing a corporate intranet web service), it can also be a source of network complexity, resulting in intermittent fault behaviors when something goes wrong.

Example 1 – host fault
Assume that the network is configured as depicted in Figure . The router is distributing TCP connections evenly among the hosts, as it should. Overnight, power to Host 1.1.1.2 fails and the device is no longer on the network. Because the router does not know this, it continues to forward TCP connection requests to the failed host. The result is that one in three connection attempts fails, presenting a seemingly intermittent fault. After a little investigation, the network engineer realizes that every third connection attempt is failing and immediately suspects that one of the hosts may have failed. Power is restored to Host 1.1.1.2 and network performance returns to normal.

Example 2 – host misconfiguration
Using the same network configuration from Figure , assume a new network engineer is instructed to build a new server. Because the new network engineer does not understand how the TCP load distribution system works, the new server is configured with the IP address assigned to the virtual host on the NAT router. When the new server is powered up, it detects an IP address conflict and cannot establish a connection to the network. The new engineer examines the interface configuration on the router to locate and confirm the duplicate IP address, but cannot find it in the interface configuration. After discussing the problem with a more experienced engineer, the new engineer reconfigures the new server with correct IP settings, reboots, and connects to the network.
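The lesson of Example 2 is that the virtual host address lives in the rotary pool and its access list, not under any interface, so a duplicate-address search limited to ip address lines misses it. The following is an added example (not from the curriculum, and the configuration excerpt is constructed, with 1.1.1.127 as the virtual address and 1.1.1.1 to 1.1.1.3 as the real hosts): it walks a running-config excerpt and reports every statement that accounts for an address, expanding the pool range so a real host such as 1.1.1.2 is found too.

```python
import ipaddress
import re

# Constructed config excerpt (added example, not the curriculum's figure): a rotary
# pool spreads TCP connections to the virtual address 1.1.1.127 across real hosts.
SAMPLE_CONFIG = """\
interface Ethernet0
 ip address 1.1.1.254 255.255.255.0
 ip nat inside
interface Serial0
 ip address 203.0.113.1 255.255.255.252
 ip nat outside
ip nat pool REAL-HOSTS 1.1.1.1 1.1.1.3 prefix-length 24 type rotary
ip nat inside destination list 10 pool REAL-HOSTS
access-list 10 permit 1.1.1.127
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def address_references(config):
    """Map each IPv4 address to the statements that claim it, so a duplicate-address
    search covers NAT pools and ACLs, not only 'ip address' lines under interfaces."""
    refs = {}
    current_if = None
    for line in config.splitlines():
        text = line.strip()
        if text.startswith("interface "):
            current_if = text.split()[1]
            continue
        if not line.startswith(" "):
            current_if = None
        addrs = IPV4.findall(text)
        if current_if and text.startswith("ip address"):
            refs.setdefault(addrs[0], []).append(f"interface {current_if}")   # skip the mask
        elif text.startswith("ip nat pool") and len(addrs) >= 2:
            first, last = (int(ipaddress.ip_address(a)) for a in addrs[:2])
            for n in range(first, last + 1):                       # every real host in the pool
                refs.setdefault(str(ipaddress.ip_address(n)), []).append(text)
        elif text.startswith("access-list"):
            for a in addrs:
                refs.setdefault(a, []).append(text)
    return refs


def where_is(config, addr):
    """Statements that account for `addr`; [] means no part of this config uses it."""
    return address_references(config).get(addr, [])
```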
Summary

By completing this module, students should have gained an understanding of the operation of various transport layer networking technologies on routers and hosts. These technologies include:

Students should also have gained an appreciation of the various tools and methodologies that can assist with troubleshooting transport layer issues.