CREATING A REMOTE ACCESS POLICY FOR DOMAIN ADMINISTRATORS IN THIS PROC...

6.

Ping several computers on another network that are accessible through the default

gateway.

If this test fails (and the previous test succeeded), then you know that although the

default gateway is up and running, it might not be routing packets properly. A fail­

ure to ping a single computer on another network could indicate that the destina­

tion system is not running, but if you cannot ping several systems on another

network, it is likely that there is a routing problem.

Tip

For best results, you should try to ping systems on a network to which the default gate-

way is directly connected. This way, you know that if the test fails, the default gateway is the

problem. If the packets are passing through two or more routers to get to their destinations,

any one of the routers could be at fault, and you must use another tool (such as Tracert.exe

or Pathping.exe) to determine which router is malfunctioning.

Using Tracert.exe

Tracert.exe is the Windows operating system’s implementation of the UNIX traceroute

program. TRACERT enables you to view the path that packets take from a computer to

a specific destination. When you type tracert and an IP address at the Windows com­

mand prompt, the program displays a list of the hops to the destination, including the

IP address and DNS name (where available) of each router along the way, as follows:

Tracing route to https://traloihay.net [10.146.1.1]

over a maximum of 30 hops:

1

<10 ms

1 ms

<10 ms

192.168.2.99

2

105 ms

92 ms

98 ms

qrvl-67terminal01.epoch.net [172.24.67.3]

3

101 ms

110 ms

98 ms

qrvl.epoch.net [172.24.67.1]

4

123 ms

109 ms

118 ms

svcr03-7b.epoch.net [172.24.103.125]

5

123 ms

112 ms

114 ms

clsm02-2.epoch.net [172.24.88.26]

6

136 ms

130 ms

133 ms

sl-0-T3.sprintlink.net [10.228.116.5]

7

143 ms

126 ms

138 ms

sl-3.sprintlink.net [192.168.5.117]

8

146 ms

129 ms

133 ms

sl-12-0.sprintlink.net [192.168.5.1]

9

131 ms

128 ms

139 ms

sl-13-0.sprintlink.net [192.168.18.38]

10

130 ms

134 ms

134 ms

sl-8-0.sprintlink.net [192.168.7.94]

11

147 ms

149 ms

152 ms

sl-0.sprintlink.net [192.168.173.10]

12

154 ms

146 ms

145 ms

ny2-ge021.router.demon.net [172.21.173.121]

13

230 ms

225 ms

226 ms

tele-ge023.router.demon.net [172.21.173.12]

14

233 ms

220 ms

226 ms

tele-fxp1.router.demon.net [10.159.252.56]

15

223 ms

224 ms

224 ms

tele-14.router.demon.net [10.159.254.245]

16

236 ms

221 ms

226 ms

tele-165.router.demon.net [10.159.36.149]

17

220 ms

224 ms

210 ms

https://traloihay.net [10.146.1.1]

Trace complete.

Tracert.exe is an excellent tool for locating a malfunctioning router, because it is able

to inform you how far packets have gotten on the way to their destination. When one

of the routers on the path is not forwarding packets properly, the TRACERT output

stops at the last functioning router. You know then that the next router on the path is

the one experiencing the problem.

Lesson 4 Troubleshooting TCP/IP Routing

5

-

43

How Tracert.exe Works

Tracert.exe works by sending ICMP Echo Request messages to the destination,

much as PING does, but with a special difference. For the first group of three Echo

Request messages, TRACERT assigns a value of 1 to the IP header’s Time to Live

(TTL) field. The TTL field is a safety measure designed to prevent packets from cir­

culating endlessly around an internetwork. Normally, computers running Windows

operating systems assign a value of 128 to the TTL field. When a router processes

a packet, it reduces the TTL value by 1; if the TTL value reaches 0, the router dis­

cards the packet and returns an error message to the system that transmitted it.

Because the first three TRACERT packets have a TTL value of 1, when they reach

the first router on their path, the router reduces their TTL values to 0 and discards

them, sending error messages back to the sender. Then, for each successive

group of three Echo Request messages, TRACERT increments the initial TTL value

by 1, causing each group of packets to travel one more hop on the way to the

destination before the router discards them. The TRACERT program uses the error

messages generated by the routers (which contain the routers’ IP addresses) to

create the output display.

Tip

It is important to understand that routes through a large internetwork can change fre-

quently, for a variety of reasons, and packets can take different paths to the same destina-

tion. Therefore, when you use TRACERT, it is possible (although not probable) for the path

through the internetwork taken by successive sets of Echo Request messages to be different.

When you are using TRACERT to locate a malfunctioning router, you should run the program at

least twice, using the same destination, to ensure that you are seeing an accurate path

through the network.

Using Pathping.exe

Pathping.exe is another tool available from the Windows command prompt that is sim­

ilar to Tracert.exe in that it traces a path through the network to a particular destination

and displays the names and addresses of the routers along the path. PATHPING is dif­

ferent, however, because it reports packet loss rates at each of the routers on the path.

TRACERT is the preferred tool for locating a router failure that completely interrupts

communications, while PATHPING is more useful when you can connect to a destina­

tion, but you are experiencing data loss or transmission delays.

After displaying the path to the destination, PATHPING sends 100 packets (by default)

to each of the routers on the path and computes the packet loss rate in the form of a

percentage. A typical PATHPING output display appears as follows:

Computing statistics for 125 seconds...

Source to Here

This Node/Link

Hop

RTT

Lost/Sent=Pct

Lost/Sent

=

Pct

Address

0

172.16.87.35

0/ 100

=

0%

|

1

41ms

0/ 100 = 0%

0/ 100

=

0%

172.16.87.218