Troubleshooting Network (WAN) Connectivity Issues: network bindings, proxy settings, hosts files, and DNS issues

Source: cybrary.it

Vendor: Practice Labs

Lab: 1.11 — Troubleshoot Internet Connection and DNS Issues

  • Exercise 1 — Troubleshooting Network (WAN) Connectivity Issues: network binding, proxy settings
  • Exercise 2 — Troubleshooting DNS Issues

After completing this lab, we will be able to:

  • Identify, analyze, and re-configure network bindings using Windows PowerShell
  • Modify, apply, and verify proxy settings
  • Troubleshoot hosts files issues
  • Troubleshoot DNS issues
  • Analyze DNS environment settings using BPA

CompTIA Network+ N10–007 Exam Objectives:

N10–007–5.2: Given a scenario, use the appropriate tool (Command line: ping, nslookup)

N10–007–5.5: Given a scenario, troubleshoot common network service issues (Names not resolving)

What are we doing?

This lab consists of two exercises that guide us through troubleshooting scenarios and steps to identify and resolve network connectivity issues.

Why would we want to do this?

WAN connections are not impervious to issues and can sometimes cause headaches for anybody trying to connect to the internet. Factors, such as misconfigured network bindings, missing proxy settings, misconfigured hosts files and DNS settings might cause connectivity issues.

Luckily for us, there are ways to isolate the issue, and checking to ensure our devices are properly connected to the right network adapter, and are properly communicating with our DNS server while ensuring our DNS server is functioning properly is usually the best place to begin our investigation.

Who would use this?

Information in this lab will be most beneficial for those administering their company’s network, such as systems admins, network admins, help-desk associates, and other related IT roles, but would benefit anybody trying to troubleshoot their own network connectivity issue.

Thoughts?

Hosts files seem like a pretty powerful tool. It even seems like it can be used as an added firewall layer and even help protect us against DNS cache poisoning, but I wonder how vulnerable it can be as well… or even its utility with resolvers…

source: practice labs

Exercise 1

Troubleshooting Network (WAN) Connectivity Issues:

  • network binding
  • proxy settings

A wide area network (WAN) connects computers across distributed geographical locations. This means WANs enable people to communicate and share data and information across cities, states, or even nations. The Internet is the prime example of a WAN.¹

In this exercise, we’ll begin troubleshooting our network connectivity issue by verifying our bindings and proxy settings.

After completing this exercise, we’ll be able to:

  • Identify, analyze, and re-configure network bindings using Windows PowerShell
  • Modify, apply, and verify proxy settings

Task 1 — Re-configure IP network bindings

Network bindings prioritize the network protocol used when making network connections. Windows and Linux operating systems use TCP/IP by default upon installation.

In this task, we’ll reconfigure our PLABWIN10 device to use only IPv4 while accessing the network.

Step 1: Connect to PLABWIN10 and open the Windows PowerShell as Administrator and input:

Get-NetIPInterface

This displays the details of the network interfaces defined on the device.

Notice that the PLABWIN10 device currently has two interfaces defined — Ethernet and Ethernet 2. Both are connected, and their policy store is active.

In this configuration, verify that Ethernet has the lower ifIndex or interface index (5 in this case). Lower ifIndex number ensures that the device will use this connection first to connect to other devices on the network (but can be overridden by the InterfaceMetric).

Now, let’s say we have a connection issue

We then check the network interfaces connected to our PLABWIN10 device and notice Ethernet 2 having a lower InterfaceMetric number (a higher priority for connection) than Ethernet.

In that case, we can manually change each interfaces’ priority so that our PLABWIN10 device connects to Ethernet before trying to connect to Ethernet 2. To do this, let’s first input this command:

Set-NetIPInterface -InterfaceIndex “5” -InterfaceMetric “1”

This sets Ethernet to have the highest priority (“1”). Now input:

Set-NetIPInterface -InterfaceIndex “7” -InterfaceMetric “2”

This sets Ethernet 2 to be the runner-up to Ethernet by giving it a priority of “2”

Note: Please be aware that our Interface Index Numbers for Ethernet and Ethernet 2 might be different.

The first command sets the Ethernet network adapter to be priority while accessing the network. The second command sets the Ethernet 2 network adapter to be secondary.

Thereafter, to confirm that the priority is applied, we can again issue the command:

Get-NetIPInterface

This should hopefully solve our connection issue, but if it doesn’t, we can always move to the next troubleshooting step.

Step 2: Open Control Panel and select Network and Internet > View network status and tasks.

On Network and Sharing Center, select the Change adapter settings link on the navigation pane at the left.

Step 3: On the Network Connections windows, right-click the Ethernet connection and select Properties.

On the Ethernet Properties dialog box displayed, scroll down the list of items used by the connection and locate the Internet Protocol Version 6 (TCP/IPv6).

Clear the Internet Protocol Version 6 (TCP/IPv6) check box and click OK.

Now PLABWIN10 can use only IPv4 to connect to other devices on the network.

Okay, here’s the thing with what we just did. IPv6 can sometimes give us unknown problems that make it difficult to troubleshoot. By disabling IPv6 and having our PLABWIN10 device only utilize IPv4, we can then check our connection to see if we can get on the internet.

If this works, Microsoft highly recommends to not completely disable IPv6 on our device, but to check Prefer IPv4 over IPv6 instead,² but a lot in the IT community will attest that disabling IPv6 has always provided better networking performance throughout any network they’ve worked on.

For this lab, we’ll keep IPv6 disabled on our PLABWIN10 device, and continue with our troubleshooting steps in Exercise 2. But, before we get there, let’s verify that our PLABWIN10 device is configured to utilize a proxy connection so that we can access the internet a little more safely.

Close the Network Connections window.

Task 1 Complete!

Task 2 — Verify Proxy Settings

A proxy server is a great security defense tool. Given that it has its own IP address, it acts as if it were just another computer attached to our network, allowing it to act as our gateway/firewall to the internet, while keeping our IP Information private, and secure. If anything nefarious penetrates our network through the internet, our proxy server will be the first to get infected and can hopefully prevent the infection from spreading onto any of the physical devices on our network.

Tunneling all of our internet packets to a proxy server first is also known to sometimes fix unknown connection issues to the internet by circumventing blocked resources that might be blocking our access and is considered a foundational standard when securing our network outside our LAN.

Utilizing a proxy server also tends to provide us with better networking performance, allowing our LAN to work faster and more efficiently, by acting as our DNS server as well.

Imagine having 200 users on our network try and access medium.com at the same time and we fail to utilize a proxy server. 200 requests would be sent out at the same time and would end up bottlenecking the response back and could possibly prevent some of our users from being able to access medium.com within a timely manner. With a proxy server, though, the server can act as a representative to the 200 users and only send out 1 request to the medium.com domain. Once our proxy server gets the response, it can then disburse the information to the 200 users and cache the domain name for future visits. This will not only ensure access to that domain no matter the amount of user requests, but also provides a much faster (and even safer) user experience.

Because of this, we’ll go ahead and ensure our PLABWIN10 device is configured to utilize a proxy server as our next troubleshooting step. Ensuring the proxy server is enabled will not only ensure that we are utilizing proper networking habits but will also help aide us with our DNS troubleshooting in Exercise 2.

If we feel like reading more about proxy servers and their benefits, give this awesome article by Jeff Peters a read:

What is a Proxy Server?

His article has one of the most clear and simple explanations on what a proxy server is and does. Here’s just a clip so you can see for yourself:

A proxy server is basically a computer on the internet with its own IP address that your computer knows. When you send a web request, your request goes to the proxy server first. The proxy server then makes your web request on your behalf, collects the response from the web server, and forwards you the web page data so you can see the page in your browser.

When the proxy server forwards your web requests, it can make changes to the data you send and still get you the information that you expect to see. A proxy server can change your IP address, so the web server doesn’t know exactly where you are in the world. It can encrypt your data, so your data is unreadable in transit. And lastly, a proxy server can block access to certain web pages, based on IP address.³

In this task, we’ll verify the proxy settings on our PLABWIN10 device.

Step 1: On our PLABWIN10 desktop, ensure that the Network and Sharing Center is displayed.

Click the Internet Options link at the bottom left.

Step 2: From Internet Properties, go to Connections tab. Click the LAN settings button.

In Local Area Network (LAN) settings, verify that a proxy server is configured with an Address of proxy.

Now that we’ve officially ensured that PLABWIN10 is configured to use a proxy connection, let’s move on to Exercise 2!

Exercise 1 Complete!

Exercise 2

Troubleshooting DNS Issues

Sometimes, our connection issues are caused by our DNS (Domain Name System) not acting the way we want it to. Remember, DNS resolves domain names and hostnames into numeric IP addresses on a TCP/IP network, so that us human users don’t need to memorize numbered IP addresses like 162.159.152.4 when trying to access “medium.com”. Think of DNS as our handy English to Computer translator when it comes to requesting access to other network locations: instead of typing “162.159.152.4”, we can simply type “medium.com” and our DNS server will know where we want to go.

If we feel like we need to learn more on what a DNS is and how it benefits us, give this article a read:

What is DNS?

Note: the article is definitely worth the read, regardless of our DNS knowledge; especially since it does such a great job at breaking down the 4 different types of DNS servers used to load a webpage and what makes a resolver so different from an authoritative server.

In this exercise, we’ll troubleshoot connectivity issues related to our hosts file, as well as our configuration of DNS. This exercise consists of 8 tasks that guide us through the proper steps when analyzing our DNS during network troubleshooting:

  • Task 1: Reconfigure our hosts file to override any IP information within our DNS that pertains to “plabdc01.practicelabs.com”
  • Task 2: Confirm a misconfigured hosts file by working around the hosts file to see if connection is successful
  • Task 3: Edit our hosts file to resolve connection issue

Tasks 4–7 show us other ways we can troubleshoot our DNS that eventually lead us to the same solution from Tasks 1–3

  • Task 4: Identify the IP of the DNS server
  • Task 5: Identify the name of the DNS server
  • Task 6: Ensure the DNS can connect to its clients
  • Task 7: Using the Network and Sharing Center GUI to identify the IP of the DNS server

Bonus —

  • Task 8: Analyze the environment settings of the DNS server using BPA

After completing this exercise, we’ll be able to:

  • Troubleshoot hosts files issues
  • Troubleshoot DNS issues
  • Analyze the environment settings of the DNS server using BPA

Task 1 — Using the Hosts file

Although hosts files are considered to be our original DNS before our Internet-wide DNS became widely adopted, and some might mistakenly think our current DNS replaced hosts files, it still has major uses today, and can provide not only an added layer of protection and security but can also provide us with more control during development and testing (and also troubleshooting).

Hosts files are special because they override the DNS and act as an IP filter. This is an excellent brute-force method of overriding our DNS, allowing users to quickly add any rerouting to current domains, which also means it’s highly prone to cause network issues when mishandled.

In this task, we’ll purposefully misconfigure our hosts file on our PLABWIN10 device by assigning a nonfunctioning IP address to “plabdc01.practicelabs.com” so that we can witness a DNS network issue in Task 2.

Step 1: Connect to PLABWIN10, and open a Command Prompt Terminal as Administrator and input:

notepad c:\windows\system32\drivers\etc\hosts

The hosts file opens in Notepad. Go to the end of the file and on a new line type:

192.168.0.100      plabdc01.practicelabs.com

Note: Press TAB twice after typing the numeric address. This will align the hostname plabdc01.practicelabs.com with the other entries above it.

This now tells our DNS server to always use IP 192.168.0.100 anytime users request “plabdc01.practicelabs.com,” and overrides any IP information for “plabdc01.practicelabs.com” that might happen to already be in our DNS.

On the menu bar at the top, click File and select Save.

Close the hosts file.

Step 2: Back on the Administrator Command Prompt window, input the following:

ipconfig /displaydns

Scroll through the output and find the entry for plabdc01.practicelabs.com. Notice the IP address that is displayed. We’ll also notice that it is designated as A (Host) Record. This indicates that the record was obtained from the hosts file.

We’ve officially re-configured the hosts file on the PLABWIN10 device!

Note: The changes made to hosts file have been applied within the local DNS cache. When resolving domain names, a device will look first at the hosts file before going to a DNS service. Any records in the hosts file will take precedence over any DNS service.

Task 1 Complete!

Task 2 — Confirming a Misconfigured Hosts File

In this task, we’ll troubleshoot and resolve the loss of network connectivity due to a misconfigured hosts file.

Step 1: Ensure that we’re connected to the PLABWIN10 device and the Administrator Command Prompt window is displayed.

From the PLABWIN10 device, attempt to ping PLABDC01 using its full domain name:

ping plabdc01.practicelabs.com

Notice that plabdc01.practicelabs.com is translated to an IP address of 192.168.0.100 but the destination host is unreachable.

This is because the IP address mentioned in the hosts file does not relate to any real host.

Step 2: Now try to connect to the available network drives on PLABDC01, again using FQDN. Type:

net use * \\plabdc01.practicelabs.com\c$

After several seconds, you get a message stating that System error 53 has occurred, the network path was not found.

Step 3: So, let’s input:

nslookup plabdc01.practicelabs.com

Now we can see what IP address plabdc01.practicelabs.com is assigned to and see if it matches the IP address from Step 1.

And It doesn’t!

Even though we got 192.168.0.100 as the IP address for Step 1, Step shows that 192.168.0.2 is the actual IP address

Note: Tasks 4–6 show us similar steps we could take in lieu of Step 3

Step 4: That means, the only way to successfully connect to shared drives on PLABDC01 is using its actual numeric IP address we just identified in Step 3. Let’s now input:

net use * \\192.168.0.2\c$

We’re informed that the command completed successfully

Since our command allows us to bypass the hosts file and since it was successful, this also tells us that our hosts file is most likely our culprit to our connection issue!

Task 2 Complete!

Let’s go into our hosts file and see what’s causing our problem (Hint: it’s the line we included in Task 1)

Task 3 — Editing our Hosts File and Confirming Resolved Connection Issue

Step 4: Still on the Administrator Command Prompt window, again issue the command to access the hosts file:

notepad c:\windows\system32\drivers\etc\hosts

On the hosts file displayed, remove the entry 192.168.0.100 plabdc01.practicelabs.com, save the file and exit Notepad.

Step 5: Back on the Administrator Command Prompt window, type:

ipconfig /flushdns

This clears the PLABWIN10 DNS cache of any previous entries.

System confirms successful flushing of the DNS Resolver Cache.

Step 6: Now try to connect to the PLABDC01 shared folder using the server name:

net use * \\plabdc01.practicelabs.com\c$

The command is now successful.

This is because removing the erroneous host record enables DNS to resolve the server name to a valid IP, and hence access the server.

Task 3 Complete!

Task 4 — Identify the IP of DNS Server on the Network

If refreshing the cache does not resolve the DNS issue, explore other resolution options. To do this, we must start by identifying the IP address of the DNS server on the network.

In this task, we’ll identify the IP address of the DNS server.

Step 1: On the PLABWIN10 device, enter the following command in the Administrator Command Prompt window:

ipconfig /all

Scroll to the Ethernet adapter Ethernet: section. Note the IP address of the DNS server configured on that interface.

Note: In this lab, the DNS server is also our PLABDC01 device (they have the same IP address), but this might not always be the case.

Task 4 Complete!

Task 5 — Identify the Name of the DNS Server

To explore the options to resolve DNS issues further, we might need to identify the name of the server, if not already known, by its IP address.

In this task, we’ll identify the name of the DNS server and its domain from the given IP address.

Step 1: From the Administrator Command Prompt window on PLABWIN10, type the following command to perform a reverse-lookup on the DNS server.

ping -a 192.168.0.2

After several seconds, the ping responds stating that it is Pinging PLABDC01. The reverse lookup was successful.

Task 5 Complete!

Task 6 — Ensure DNS Server Connectivity

To provide name resolution service, the DNS server must be connected properly and communicating with the other devices on the network.

In this task, we’ll ensure that the server can be contacted by the DNS clients.

Step 1: Connect to PLABDC01 and open a Command Prompt Terminal and input:

nslookup plabwin10

The command displays the fully qualified domain name (FQDN) of the target device with the given IP address. The name of the DNS server sending the command is typically mentioned as “unknown,” as seen here.

Notice that the FQDN of the target server here is plabwin10.PRACTICELABS.COM with a corresponding IP address of 192.168.0.5.

Step 2: On the command prompt, input:

ping plabwin10.practicelabs.com

The PLABWIN10 device successfully responds to the ping request. This confirms that the DNS service on the network is functional as the target server was contacted using the FQDN.

Close the command prompt window.

Note: If the ping to the FQDN had failed to get a response, you would then attempt to ping the PLABWIN10 device using its IP address.

Let us say the first ping failed, and we issue the following command:

ping 192.168.0.5

The ping to the IP address 192.168.0.5 receives the required response.

A response to the ping request on both — the FQDN and the IP address — confirms that the host records for the target server are correctly registered on the DNS server.

Step 3: Return to the PLABWIN10 device.

On the Administrator Command Prompt window, ping the DNS server:

ping 192.168.0.2

Notice that the DNS server responds to the ping command. This establishes that the server is alive and connected to the network.

Note: If the server had not responded to the ping request, then we would need to verify server’s connectivity to the network.

Note: A DNS server may still function correctly and not respond to ping requests. This could be because the firewall of the server may be configured to block ICMP packets. In this case, we would have to verify the configuration of the DNS server firewall and re-configure, if required.

Close the command prompt window and any other windows that may still be open.

Task 6 Complete!

Task 7 — Verify DNS Server Settings

If the ping to the FQDN of the target server had failed where the ping to the IP address had succeeded, it might indicate an incorrect configuration of the DNS settings on the computer initiating the query.

In this task, we’ll ensure that the DNS settings are properly configured on the server requesting DNS service.

Step 1: On the PLANWIN10 desktop, right-click the Network icon and select Open Network and Sharing Center.

On the Settings Status window, select the Network and Sharing Center link.

On the Network and Sharing Center, select the Change adapter settings link on the navigation pane at the left.

Step 2: On the Network Connections window, right-click the Ethernet icon and select Properties.

On the Local Area Connection Properties dialog box, select Internet Protocol Version 4 (TCP/IPv4) and click Properties.

On the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, notice that the IP address of the preferred DNS server is 192.168.0.2. This is indeed the IP address of the PLABDC01 device.

This confirms that the preferred DNS server is configured to be used on the IPv4 protocol on the Ethernet interface of PLABWIN10 device.

Click OK and then click Close. Close any remaining open windows.

Task 7 Complete!

Task 8 — Check the Settings-Environment of the DNS Server

After verifying the connectivity of the DNS server and reconfiguring the DNS settings, you can proactively check for any possible issues that might arise in the current setting. To do this, use the Best Practices Analyzer (BPA) tools from Microsoft. The BPA tools, a part of the Windows 2019 Server, compare the DNS settings on our server to the established best practices for smooth DNS operation.

In this task, we’ll use the BPA tool to ensure most suitable configuration settings for the DNS server.

Step 1: Connect to PLABDC01.

From the taskbar, click the Server Manager icon.

Note: If we had closed the Server Manager earlier in this lab, click in the Type here to search text box and begin typing Server Manager. When the Server Manager item appears in the menu, click it.

On the Server Manager Dashboard window, click DNS found on the left panel of the window.

Step 2: Scroll down in the DNS Server pane until you reach the Best Practices Analyzer section. Click the TASKS menu and select the Start BPA Scan menu item.

On the Select Servers window, verify that the check box for the PLABDC01 device is selected and click Start Scan.

Wait until the scan completes. It might take several minutes.

Note: The scan may take up to five minutes. You will know that the scan is continuing by the fact that the orange title bar repeatedly has a blue pulse that goes through it from left to right. When the scan is complete, the table will be populated.

When the scan completes, the detailed result is displayed. Scroll through the results and identify those with the severity of Error. You can click on the title of the column Severity to re-sort the results according to the level of severity.

These results can be analyzed and used to re-configure the DNS environment for optimal performance.

Exercise 2 Complete!

Anxious Buddhist | Hobby Eater | Maze Master

Anxious Buddhist | Hobby Eater | Maze Master