Network+ 10-009 Objective 5.3: Troubleshoot Common Issues with Network Services

Network Loops:

• Broadcast Storms: Continuous broadcast frame flooding
• MAC Address Table Instability: Constantly changing MAC table entries
• Multiple Frame Copies: Duplicate frames received by hosts
• Network Congestion: Excessive traffic causing performance issues
• Switch CPU Overload: High CPU utilization on switches
• Connectivity Loss: Complete network connectivity failure
• Detection Methods: Monitor broadcast traffic and CPU usage
• Prevention: Proper STP configuration and topology design

Root Bridge Selection Issues:

• Bridge ID Components: Priority (2 bytes) + MAC address (6 bytes)
• Lowest Bridge ID: Switch with lowest Bridge ID becomes root
• Priority Configuration: Manually set bridge priority values
• MAC Address Impact: Lower MAC addresses preferred
• Suboptimal Root: Wrong switch selected as root bridge
• Performance Impact: Inefficient traffic paths
• Configuration: Use spanning-tree vlan X priority command
• Verification: Show spanning-tree root command

Port Roles:

• Root Port: Port with lowest cost to root bridge
• Designated Port: Port that forwards traffic for a segment
• Blocking Port: Port that blocks traffic to prevent loops
• Alternate Port: Backup port in RSTP/MSTP
• Backup Port: Backup port for same segment
• Port Role Issues: Incorrect role assignment
• Troubleshooting: Show spanning-tree detail command
• Configuration: Adjust port costs and priorities

Port States:

• Blocking: Port blocks traffic, listens to BPDUs
• Listening: Port listens to BPDUs, no forwarding
• Learning: Port learns MAC addresses, no forwarding
• Forwarding: Port forwards traffic normally
• Disabled: Port is administratively disabled
• State Transitions: 30-second transitions in STP
• RSTP States: Discarding, Learning, Forwarding
• Monitoring: Show spanning-tree interface command

VLAN Configuration Issues:

• Access Port Configuration: Incorrect VLAN assignment to access ports
• Trunk Port Configuration: Missing or incorrect VLANs on trunk
• Native VLAN Mismatch: Different native VLANs on trunk ends
• VLAN Pruning: VLANs not allowed on trunk ports
• VLAN Database: VLAN not created in VLAN database
• VTP Issues: VLAN Trunking Protocol configuration problems
• Symptoms: No connectivity between VLANs
• Verification: Show vlan brief, show interfaces trunk

VLAN Troubleshooting Steps:

• Verify VLAN Exists: Check VLAN database
• Check Port Assignment: Verify access port VLAN
• Verify Trunk Configuration: Check allowed VLANs
• Check Native VLAN: Ensure native VLAN matches
• Test Connectivity: Ping between VLANs
• Check Routing: Verify inter-VLAN routing
• Monitor Traffic: Use packet capture tools
• Document Changes: Record all VLAN modifications

ACL Configuration Issues:

• Implicit Deny: Missing permit statements
• Rule Order: Incorrect order of ACL entries
• Wildcard Masks: Incorrect wildcard mask configuration
• Port Numbers: Wrong port numbers in ACL rules
• Direction Issues: ACL applied in wrong direction
• Interface Application: ACL not applied to correct interface
• Syntax Errors: Incorrect ACL syntax
• Testing: Use show access-lists command

ACL Troubleshooting:

• Check ACL Syntax: Verify ACL configuration
• Verify Application: Check interface ACL assignment
• Test Connectivity: Ping and trace connectivity
• Monitor Hits: Check ACL hit counters
• Log Analysis: Review ACL logging output
• Rule Testing: Test individual ACL rules
• Backup Configuration: Backup before changes
• Documentation: Document ACL purposes

Routing Table Problems:

• Missing Routes: Routes not present in routing table
• Incorrect Routes: Wrong next-hop or interface
• Suboptimal Routes: Routes with higher administrative distance
• Route Flapping: Routes constantly changing
• Route Loops: Circular routing paths
• Metric Issues: Incorrect route metrics
• Administrative Distance: Wrong AD values
• Verification: Show ip route command

Route Selection Criteria:

• Longest Match: Most specific route selected
• Administrative Distance: Lower AD preferred
• Metric: Lower metric preferred
• Route Source: Direct, static, dynamic routes
• Route Age: Newer routes preferred
• Interface Status: Active interfaces only
• Next-Hop Reachability: Next-hop must be reachable
• Load Balancing: Equal cost multipath routing

Default Route Issues:

• Missing Default Route: No default route configured
• Incorrect Next-Hop: Wrong default gateway
• Multiple Default Routes: Conflicting default routes
• Route Advertisement: Default route not advertised
• Administrative Distance: Wrong AD for default route
• Interface Issues: Default route interface down
• Configuration: ip route 0.0.0.0 0.0.0.0 command
• Verification: Show ip route 0.0.0.0 command

Default Route Troubleshooting:

• Check Configuration: Verify default route configuration
• Test Connectivity: Ping external destinations
• Trace Routes: Use traceroute to verify path
• Check Interface Status: Verify interface is up
• Verify Next-Hop: Ensure next-hop is reachable
• Check Routing Protocol: Verify dynamic route advertisement
• Monitor Routes: Watch for route changes
• Document Changes: Record default route modifications

DHCP Pool Exhaustion Causes:

• Insufficient Address Space: Too few addresses in pool
• Long Lease Times: Addresses held too long
• Rogue DHCP Servers: Unauthorized DHCP servers
• DHCP Relay Issues: Incorrect relay configuration
• Network Growth: More devices than anticipated
• Guest Network Issues: Guest devices consuming addresses
• Mobile Devices: High device turnover
• VLAN Configuration: Incorrect VLAN assignments

DHCP Pool Exhaustion Symptoms:

• No IP Assignment: Devices cannot obtain IP addresses
• APIPA Addresses: Devices using 169.254.x.x addresses
• DHCP Errors: DHCP request failures
• Limited Connectivity: Devices with no internet access
• User Complaints: Users cannot connect to network
• Event Logs: DHCP server error messages
• Pool Status: DHCP pool shows 100% utilization
• Lease Information: All addresses leased

DHCP Pool Exhaustion Solutions:

• Expand Address Pool: Add more addresses to pool
• Reduce Lease Time: Shorten DHCP lease duration
• Remove Rogue Servers: Eliminate unauthorized DHCP servers
• Optimize Relay: Fix DHCP relay configuration
• Create Additional Pools: Add new DHCP scopes
• Implement Reservations: Use static reservations for servers
• Monitor Usage: Track DHCP pool utilization
• Plan Capacity: Plan for future growth

Default Gateway Issues:

• Wrong Gateway IP: Incorrect default gateway address
• Unreachable Gateway: Gateway not accessible
• Multiple Gateways: Conflicting gateway configurations
• DHCP Issues: DHCP not providing correct gateway
• Static Configuration: Manually configured wrong gateway
• VLAN Mismatch: Gateway in different VLAN
• Routing Issues: Gateway cannot route traffic
• Interface Problems: Gateway interface down

Default Gateway Troubleshooting:

• Check Configuration: Verify gateway IP address
• Test Connectivity: Ping default gateway
• Check Routing: Verify gateway can route traffic
• Test External Access: Ping external destinations
• Check DHCP: Verify DHCP gateway assignment
• Trace Routes: Use traceroute to verify path
• Check Interface Status: Verify gateway interface
• Document Changes: Record gateway modifications

Duplicate IP Causes:

• Static Configuration: Manually assigned duplicate addresses
• DHCP Conflicts: DHCP server assigning used addresses
• Reservation Issues: DHCP reservations conflicting
• Network Mergers: Overlapping address ranges
• Vendor Defaults: Devices using default IP addresses
• Administrative Errors: Human configuration mistakes
• Virtual Machines: VM IP address conflicts
• Network Changes: Address range modifications

Duplicate IP Symptoms:

• ARP Conflicts: Multiple MAC addresses for same IP
• Connectivity Issues: Intermittent connectivity problems
• Error Messages: "IP address already in use" errors
• Network Instability: Unstable network behavior
• Ping Failures: Inconsistent ping responses
• Application Errors: Application connectivity failures
• Event Logs: System event log errors
• Network Monitoring: Alerts from monitoring systems

Duplicate IP Resolution:

• Identify Conflicts: Use ARP tables to find duplicates
• Locate Devices: Find devices with duplicate addresses
• Change Addresses: Assign new IP addresses
• Update DHCP: Fix DHCP configuration
• Clear ARP Cache: Clear ARP tables on devices
• Test Connectivity: Verify connectivity after changes
• Document Changes: Record IP address assignments
• Prevent Future Issues: Implement IPAM solutions

Subnet Mask Issues:

• Wrong Mask: Incorrect subnet mask configuration
• Classful Assumptions: Using classful subnet masks
• VLSM Problems: Variable length subnet mask issues
• DHCP Configuration: DHCP providing wrong mask
• Static Configuration: Manually configured wrong mask
• Network Changes: Mask changes not propagated
• VLAN Configuration: Incorrect mask for VLAN
• Routing Issues: Mask affecting routing decisions

Subnet Mask Troubleshooting:

• Verify Configuration: Check subnet mask settings
• Test Connectivity: Ping local and remote hosts
• Check Routing: Verify routing table entries
• Validate DHCP: Check DHCP subnet mask assignment
• Calculate Networks: Verify network calculations
• Test Inter-VLAN: Test connectivity between VLANs
• Check Documentation: Verify against network documentation
• Update Configuration: Correct subnet mask settings