implement. This is why most TCP/IP network
equipment comes with an SNMP management agent. SNMP is a
request/response protocol. UDP port 161 is its well-known port.
SNMP uses UDP as its transport protocol because it has no need
for the overhead of TCP. Reliability is not required because
each request generates a response. If the SNMP application does
not receive a response, it simply re-issues the request.
Sequencing is not needed because each request and each response
travels as a single datagram. The NMS periodically requests the
status of each managed device (GetRequest) and each agent
responds with the status of its device (GetResponse). Making
periodic requests is called polling. Polling reduces the burden
on the agent because the NMS decides when polls are needed, and
the agent simply responds. Polling also reduces the burden on
the network because the polls originate from a single system at
a predictable rate. The shortcoming of polling is that it does
not allow for real-time updates. If a problem occurs on a
managed device, the manager does not find out until the agent
is polled. To handle this, SNMP uses a modified polling system
called trap-directed polling. A trap is an interrupt signaled
by a predefined event. When a trap event occurs, the SNMP agent
does not wait for the manager to poll. Instead it immediately
sends information to the manager. Traps allow the agent to
inform the manager of unusual events while allowing the manager
to maintain control of polling. SNMP traps are sent on UDP port
162. The manager sends polls on port 161 and listens for traps
on port 162. The commands in Figure display information about
network management applications. A troubleshooter uses the
information from these commands to isolate problems at the
application layer that are related to the SNMP and NTP
protocols. Figure lists commands which make configuration
changes that troubleshooters can use to correct problems with
network management protocols at the application layer.
Content 7.3 Troubleshooting TCP/IP Application Layer
Protocols 7.3.8 Name resolution Domain Name
Service (DNS) is the service that translates computer and
server names to IP addresses. These names are referred to as
Fully-Qualified Domain Names (FQDN). Before DNS, network
servers were identified using the IP addresses. However, this
became very cumbersome. Eventually, individuals started writing
HOSTS files, which contained names of servers and IP addresses
assigned to them. This way, users would FTP or Telnet to a
system by using their names instead of the IP addresses. This
worked well, and so the HOSTS file was placed on every system
on the Internet. Because administrators of each system
maintained the files independently, this created new problems.
First, if the text database changed, there was no way to update
it automatically on every system. Essentially, the response was
to create a centralized HOSTS file, which would be the
definitive HOSTS file on the Internet. Routinely,
administrators checked this central file for any changes and
would update the HOSTS files on their local systems when there
were changes. This system had many problems. For example, with
only one HOSTS file on the whole Internet, if that site went
down, nobody else knew what any of the DNS names were.
Secondly, as more and more systems were added, the HOSTS file
started to get very big. Finally, the HOSTS names did not
provide for any kind of hierarchy. Therefore if somebody at one
site wanted to have a computer named Admin, nobody else in the
whole world could have a computer named Admin. The answer to
these problems was Domain Name Service (DNS). DNS allows
computer systems to resolve FQDN to IP addresses. DNS
Hierarchy
There are many DNS servers throughout the
Internet. However, each DNS server stores only a portion of the
entire Internet namespace. A DNS hierarchy enables DNS servers
to find their neighbors and ask each other for information
about a specific host. A domain is a label in the DNS
hierarchy. Each node in the DNS hierarchy represents a domain.
Domains under the top-level domains represent individual
organizations or entities. These domains can be further divided
into subdomains to ease administration of an organization's
host computers. Domains, starting with the top-level domains
and branching out below, divide the total DNS name space. The
top-level domain names are closely controlled by the InterNIC,
a division of the Internet Assigned Numbers Authority (IANA)
responsible for assigning these names. Top-level domain names
are part of most URLs. For example, .com, .edu, .net,
.gov, and .org are top-level domain names. These top-level
domains contain the basis for the rest of the domain naming
structure. Individual organizations are granted second-level
domain names within one or more of these top-level domains.
Because names have to be unique in a domain, they must be
registered. When an organization wishes to acquire a
second-level domain name, it must submit a request to the
Internet Network Information Center (InterNIC). If the domain
name is available and the InterNIC does not have a problem with
the name, it is assigned to the organization in exchange for a
small biannual fee. The organization itself is responsible for
assigning third-level and lower domains. How DNS is
resolved
In Figure , the client makes a request to the
corporate DNS server. The DNS server checks its cache to see if
the query has already been resolved. In this situation, the
corporate DNS server has no record of this query. Therefore,
the corporate DNS switches roles and now acts as a client and
issues an iterative query to the local ISP. The ISP name server
has no record of this resolved request. The ISP server replies
back with a hint to query the root domain server. The DNS
server issues an iterative query at the top of the DNS
hierarchy to the root level server. After each query and
response the server goes down the DNS tree until it finally
finds the correct resolved name. Nslookup
The most
effective command for testing and resolving DNS issues is the
nslookup command. If the lookup request fails,
nslookup prints an error message. Figure lists possible
error messages. DNS and Routers
A router can be
configured to use DNS lookups so that ping or
traceroute commands can be used with a hostname rather
than an IP address. Use the commands in Figure to do so.
Content 7.3 Troubleshooting TCP/IP Application Layer
Protocols 7.3.9 Dynamic Host Configuration
Protocol (DHCP) Dynamic Host Configuration Protocol (DHCP)
is used to dynamically assign IP addresses to hosts. Although
it is not a true TCP/IP application program, it is important to
cover it to some detail. DHCP uses a client-server structure to
provide configuration parameters to hosts. It consists of a
protocol that provides host-specific configuration parameters
from a DHCP server (or collection of DHCP servers) to a host
and a mechanism to allocate network addresses to a host. The
commands in Figure display information about the Dynamic Host
Configuration Protocol (DHCP) application. A troubleshooter
uses the information from these commands to isolate problems
with DHCP.
Content 7.4 Troubleshooting TCP/IP
Application Layer Problems 7.4.1
Troubleshooting Telnet problems The following section will
provide common application layer problems and the suggested
steps required to solve these problems. The focus of this
section is to develop an awareness of steps required to
logically solve problems. Many problems can stop a Telnet
session from being established. The steps to troubleshoot
particular problems will change depending on the specific
problem. However, a good troubleshooter will be able to solve
these problems by methodically eliminating potential issues.
Troubleshooting Telnet Example
The second-level
network engineer for a company in Toronto would like to
remotely manage a router in Calgary. However, the engineer is
unable to establish a Telnet connection to it from her office