Specifications
35
VPN’s extend the trust environment to the employees PC. If this computer is compromised so is
the corporate LAN. Employees and family members need to understand safe computing practices.
PPPoE adds 8 bytes of overhead, this reduces max packet (MTU) to 1492 bytes rather then 1500.
Make sure the VPN handles this correctly.
8.7 Logging
The router creates several logs. It maintains statistics on the amount of traffic generated and received by
each host, logs sites accessed by host, and logs intrusion attempts. This information can be copied to a file
for additional analysis.
9 Debug -- When Things Go Wrong
Unfortunately networks occasionally fail. When a failure occurs it is often difficult to determine the
underlying cause. Windows includes a number of built in diagnostic tools.
Test
Result
Ping by IP address
Two machines can successfully connect
Ping by Name
DNS is working, Two machines can connect
WinIPcfg
Network adapter settings
Net View
DOS version of Network Neighborhood
Netstat -a
Active Ports
Trace Route
Observe host to host path
Ethernet Indicators
Verify physical link operation
In addition to the built in Windows tools DSL Reports has a number of tuning and diagnostics tests
http://www.dslreports.com/tools.
9.1 PING
PING is a command line utility to determine if a remote machine is reachable. The host is specified by
either IP address or domain name. PING uses the Internet Control Message Protocol (ICMP) to determine
round trip time to the remote host. In the first example we ping a local PC its IP address. In the second case
we ping a public web server on the Internet by its domain name. When using PING by name the first thing
PING does is translate the host name to IP address. This quickly determines if DNS is working correctly.
The third example shows a typical report when the host ignores ping requests.
PING is very useful to verify if the remote host is accessible and how long it takes to reach it. If the host
cannot be pinged low-level communication is broken and needs to be fixed. Not all computers respond to
ping requests. Some administrators disable the response. In that case the ping command times out as shown
in example 3.
Example 1: Ping local computer IP address.
Pinging 192.168.2.2 with 32 bytes of data:
Reply from 192.168.2.2: bytes=32 time=2ms TTL=128
Reply from 192.168.2.2: bytes=32 time=1ms TTL=128
Reply from 192.168.2.2: bytes=32 time=1ms TTL=128
Reply from 192.168.2.2: bytes=32 time=1ms TTL=128
Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms