Wednesday, February 7, 2018

Chapter 1 - Troubleshooting Tools

As with any profession, the tools of the trade are incredibly important. A carpenter without a hammer or saw is just a person. Or a dentist without their picks and drills and other instruments of torture is just someone with an infatuation with dental health. Likewise, a WLAN Professional without the requisite tools, is just a person with a lot of knowledge about something people cannot see or touch.

Networking Tools
Throughput Tester: These are Tools like iPerf that test TCP/UDP traffic. Normally work off a client/server model to test throughput. It's important to note that throughput testers test for overall data throughput, not the data rate. This is incredibly beneficial when validating performance issues. Just because you have a fast advertised data rate, doesn't mean that your end-to-end throughput will match that. In fact, with normal overhead and contention, it never will.

Protocol Analyzer:
These allow you to capture and decode frames and packets. A perfect example of this is Wireshark. According to the book there will be an entire chapter dedicated to Protocol Analyzers (understandably given the context of the book.)

Spectrum Analyzer: These allow you to actually see the RF. Not just the WLAN, but all of the RF in the area. Allowing you to determine the actual strength of the signal, pinpoint sources of interference, and determine the channel utilization. For the utilization piece again, its how much of the channel is taken up by all RF sources, not just WLAN ones. This is important because although you may not see any other networks on Channel 6 for example, due to a poorly shielded microwave or a wireless security camera, it might be more utilized than another choice of channel.

Operating System Tools

Ping: Used to test connectivity/reachability between devices. Sends an ECHO ICMP to the target IP address.
  • -l (Lower case L) will change the data size in the ECHO message. The default ECHO message is only 32 bytes, so it may not reveal issues that a large message would.
  • -t will run the ping continuously until a interrupt command is issued (Windows its CTRL+C) This can be used to verify random connectivity issues, or to consistent roaming, or when testing reachability during HA failovers.

Traceroute: Determines the "path" that packets take to reach their destination. Using ICMP ECHO's (much like Ping) Traceroute will show each hop along the route that the packet needs to take.

Pathping: This is essentially Traceroute, but with more details included in the response.

Nslookup: Used to query DNS servers to resolve hostnames to IP Addresses.

Netstat: Shows network statistics for all network connections from the host machine. This can be run "ongoing" to help show any new connections that are created.

Netsh: This is a Windows-Only command that shows information about both the wireless adapter, connections, and configurations. It has a number of sub-commands (my term) four of which are going to be focused on in the exam. Those are detailed below. Note: The command will be "netsh wlan" followed by the sub-command below. For example "netsh wlan show drivers"
    • Shows details about the currently used wireless interface and profile.
      • Including the Authentication type
      • Channel
      • Data Rate
      • Signal Strength
    • Shows all visible wireless networks
    • To gain more detailed information the "mode=bssid" tag be added to the end of the command
      • This will show you the actual MAC Address of the radio(s)
      • Authentication Type
      • Radio Type
      • Signal strength
      • Channel
      • Basic Rates
      • "Other Rates"
    • Shows the actual wireless driver files being used by the adapter
    • Shows the security methods offered/supported by the adapter
    • Shows the PHYs that are supported
    • This will show all wireless profiles configured on the machine
    • If a specific profile name is provided it will then show a more details about that specific profile
      • Example "netsh wlan show profiles name="DCRWireless"
      • If the additional "Key=clear" command is used at the end of the above command it will show the PSK in cleartext. Which is fun. Remember to lock your systems when you walk away from them kids.

No comments:

Post a Comment