, , , ,

When bringing up a machine, and having to debug network connectivity, there is no substitute for being able to look at network traffic on the wire. Be aware that sniffing traffic can be fatal to your employment and perhaps your career if you do not follow the approved practices in your environment. If you do have the permission to perform network sniffing, it is an invaluable asset for debugging network problems.

One thing to be aware of, especially when not using UNIX or Linux, is that TCP/IP is an add-on protocol for other environments such as Windows and OpenVMS.

What can you determine from sniffing the network traffic?

  • Is the system sending out traffic at all?
  • What is the actual MAC address of the interface?
  • Are ARP requests going out?
  • Is DHCP being used? Is it failing or succeeding?
  • Is DNS being used? Is it failing or succeeding?
  • Is ping working? Are replies being received?

There are many other things that can be answered through looking at the network traffic. At its most basic (if network connectivity is the problem), the server can be disconnected and traffic looked at from the switch (with the normal cable) and from the server (using a cross-over cable).

With this information, it may be possible to clear up many netowrk connectivity problems.