diff options
Diffstat (limited to 'docbook/wsug_src/WSUG_chapter_troubleshoot.xml')
-rw-r--r-- | docbook/wsug_src/WSUG_chapter_troubleshoot.xml | 160 |
1 files changed, 80 insertions, 80 deletions
diff --git a/docbook/wsug_src/WSUG_chapter_troubleshoot.xml b/docbook/wsug_src/WSUG_chapter_troubleshoot.xml index ecc0c5756c..ff6118ece5 100644 --- a/docbook/wsug_src/WSUG_chapter_troubleshoot.xml +++ b/docbook/wsug_src/WSUG_chapter_troubleshoot.xml @@ -10,100 +10,100 @@ contains a number of features that allow you to quickly focus on problems in your network for several reasons: <itemizedlist> - <listitem> - <para> - It allows you to focus in on specific packets and protocols, - as you can see a large amount of detail associated with - various protocols. - </para> - </listitem> - <listitem> - <para> - It supports a large number of protocols, and the list of - protocols supported is growing as more people contribute - dissectors - </para> - </listitem> - <listitem> - <para> - By giving you a visual view of traffic in parts of your - network, and providing tools to filter and colorize that - information, you can get a better feel for your network - traffic, and can understand your network better. - </para> - </listitem> + <listitem> + <para> + It allows you to focus in on specific packets and protocols, + as you can see a large amount of detail associated with + various protocols. + </para> + </listitem> + <listitem> + <para> + It supports a large number of protocols, and the list of + protocols supported is growing as more people contribute + dissectors + </para> + </listitem> + <listitem> + <para> + By giving you a visual view of traffic in parts of your + network, and providing tools to filter and colorize that + information, you can get a better feel for your network + traffic, and can understand your network better. + </para> + </listitem> </itemizedlist> </para> <para> The following general approach is suggested: <itemizedlist> - <listitem> - <para> - Determine that the problem looks like a networking problem. - There is no point in capturing packets if the problem is not - networking related. - </para> - </listitem> - <listitem> - <para> - Figure out where to capture packets. You will have to - capture packets from a part of the network where you can - actually get network traffic related to the problem. This is - especially important in the presence of switches and routers. - See <xref linkend="Ch04ROUSWI"/> for more details. - </para> - <para> - Because Wireshark can read many capture file formats, you can - capture using any convenient tool. One useful approach is - to use <command>tcpdump</command> to capture on remote - systems and then copy the capture file to your system for - later analysis. For more details on capturing with - <command>tcpdump</command>, see <xref linkend="Ch05tcpdump"/>. - </para> - </listitem> - <listitem> - <para> - Once you have captured packets that you think relate to - the problem, load them into Wireshark and look for your - problem. Using Wireshark's filtering and colorization - capabilities, you can quickly narrow down the capture to the - area of interest. - </para> - </listitem> - <listitem> - <para> - Examine the appropriate fields within the packets where - the problem appears to be. These can often help to reveal - the problem. - </para> - </listitem> + <listitem> + <para> + Determine that the problem looks like a networking problem. + There is no point in capturing packets if the problem is not + networking related. + </para> + </listitem> + <listitem> + <para> + Figure out where to capture packets. You will have to + capture packets from a part of the network where you can + actually get network traffic related to the problem. This is + especially important in the presence of switches and routers. + See <xref linkend="Ch04ROUSWI"/> for more details. + </para> + <para> + Because Wireshark can read many capture file formats, you can + capture using any convenient tool. One useful approach is + to use <command>tcpdump</command> to capture on remote + systems and then copy the capture file to your system for + later analysis. For more details on capturing with + <command>tcpdump</command>, see <xref linkend="Ch05tcpdump"/>. + </para> + </listitem> + <listitem> + <para> + Once you have captured packets that you think relate to + the problem, load them into Wireshark and look for your + problem. Using Wireshark's filtering and colorization + capabilities, you can quickly narrow down the capture to the + area of interest. + </para> + </listitem> + <listitem> + <para> + Examine the appropriate fields within the packets where + the problem appears to be. These can often help to reveal + the problem. + </para> + </listitem> </itemizedlist> </para> </section> <section id="Ch04ROUSWI"> <title>Capturing in the presence of switches and routers</title> <para> - In the old days of Ethernet, all network traffic was spread over one - "yellow" cable through the whole network. Capturing data was easy, - as all packets from the network could be captured using the - "promiscuous mode" at any place in the network. The only devices blocking - network traffic, were routers. But as routers were extremely expensive, - they were not widely used. + In the old days of Ethernet, all network traffic was spread over one + "yellow" cable through the whole network. Capturing data was easy, + as all packets from the network could be captured using the + "promiscuous mode" at any place in the network. The only devices blocking + network traffic, were routers. But as routers were extremely expensive, + they were not widely used. </para> <para> - Then Ethernet wiring using hubs become the state of the art. As the hubs - still spaded the packets all over the network, things regarding - capturing didn't changed. + Then Ethernet wiring using hubs become the state of the art. As the hubs + still spaded the packets all over the network, things regarding + capturing didn't changed. </para> <para> - At the next stage, Ethernet switches became widely available. This - complicated things a lot. When capturing traffic on a computer connected - to a switch, usually the switch will only forward packets to the computer, - which are directed to it, or to all computers (broadcasts). It's much the - same like deactivating the promiscuous mode of the capturing network card. + At the next stage, Ethernet switches became widely available. This + complicated things a lot. When capturing traffic on a computer connected + to a switch, usually the switch will only forward packets to the computer, + which are directed to it, or to all computers (broadcasts). It's much the + same like deactivating the promiscuous mode of the capturing network card. </para> <para> - There are some ways to circumvent this. + There are some ways to circumvent this. </para> <para> Many vendor's switches support a feature known as "port spanning" @@ -111,7 +111,7 @@ are also sent out port B. An excellent reference on the "port spanning" feature of Cisco switches can be found at <ulink url="http://www.cisco.com/warp/public/473/41.html"> - Configuring the Catalyst Switched Port Analyzer (SPAN) Feature + Configuring the Catalyst Switched Port Analyzer (SPAN) Feature </ulink> </para> </section> @@ -120,8 +120,8 @@ <para> Troubleshooting often requires a reasonable knowledge of the protocols in question. However, as Wireshark will often give you some - good hints, you might get an idea of what is going wrong simply by - looking in the packets being exchanged. + good hints, you might get an idea of what is going wrong simply by + looking in the packets being exchanged. </para> </section> </chapter> |