International Computer Science Institute (ICSI) has created an excellent Internet connectivity troubleshooting tool, it is called Netalyzr located at http://netalyzr.icsi.berkeley.edu/index.html.

The tool uses Java, when after you ran the tool, you will be given a report that shows to an extensive list of network characteristics for your network. The information includes but not limited to DNS, PMTU, Port filtering, HTTP filtering, DNS proxy, HTTP proxy, upload and download throughput, MTU, latency.

Keep in mind that this is a research project, ICSI keeps all the results to analyze the states of edge networks on the Internet.

If you are like me, there were times when you needed to send the same commands to multiple network devices through ssh. On Linux boxes, you can use ClusterSSH. If you use Windows, Millard Software has written a really nice utility that does just that, it is call Putty Command Sender (puttycs).

If you like to find out which VLAN is being used on your switches, an very useful IOS command is “show vlan counters”. Its output will tell you whether you can delete a VLAN from your switches.

This whitepaper includes a list a really nice DNS troubleshooting tools:

http://www.cisco.com/web/about/security/intelligence/dns-bcp.html

You probably have more than one DNS server listed in your Linux resolv.conf file. However if you notice your system would slow down when one of the DNS servers went off line, it is because if your applications resolve PTR record, it would send out a PTR record to the first DNS server on the list, and wait for 5 seconds, if no reply was received, Linux would then send out another PTR query to the next DNS server on the list. And that happens very time your system send out an PTR query.

To avoid this delay, all you need to do is to add the “rotate” option on your resolv.conf and Linux will send out PTR query to all the DNS servers at the same time, without the 5 seconds delay. In the event of a DNS server failure, your application that depends on PTR records will run smoothly without any delay.

Here is the tcpdump:

Without “options rotate”, notice the 5 seconds delay on PTR queries:

11:46:53.110876 IP 10.4.14.102.49357 > 10.4.10.10.domain:  13389+ A? www.google.com. (32)
11:46:53.113860 IP 10.4.14.102.57595 > 10.4.10.17.domain:  13389+ A? www.google.com. (32)
11:46:53.114577 IP 10.4.10.17.domain > 10.4.14.102.57595:  13389 7/0/0 CNAME www.l.google.com.,[|domain]
11:46:53.133496 IP 10.4.14.102.47839 > 10.4.10.10.domain:  51236+ PTR? 106.47.125.74.in-addr.arpa. (44)
11:46:58.134239 IP 10.4.14.102.56613 > 10.4.10.17.domain:  51236+ PTR? 106.47.125.74.in-addr.arpa. (44)
11:46:58.239757 IP 10.4.10.17.domain > 10.4.14.102.56613:  51236*- 1/0/0 (78)

Ever experience your Microsoft Windows server lost connectivity after an reboot? You can want to check the host’s default gateway. The is a bug in Windows, that could cause TCP/IP stack corruption. When that happens, Windows host would lose its default gateway after a reboot. Here is the Microsoft knowledge base:
http://support.microsoft.com/kb/299357

The fix is pretty easy, just execute this command to reset the host’s TCP/IP stack:


netsh int ip reset resetlog.txt