Fatskills
Practice. Master. Repeat.
Study Guide: CompTIA Cloud+ CV0-003 Exam: Troubleshooting Connectivity Issues and Common Performance Issues
Source: https://www.fatskills.com/cloud-computing/chapter/comptia-cloud-cv0-003-exam-troubleshooting-connectivity-issues-and-common-performance-issues

CompTIA Cloud+ CV0-003 Exam: Troubleshooting Connectivity Issues and Common Performance Issues

By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.

⏱️ ~22 min read

Objective: Given a scenario, troubleshoot connectivity issues.
Objective: Given a scenario, troubleshoot common performance issues.

The bulk of this guide will cover troubleshooting connectivity issues. This description will include common networking configuration issues and the tools that are commonly used to troubleshoot these networking issues.

Topics:
- Network Security Group Misconfigurations
- Common Networking Configuration Issues
- Network Troubleshooting Tools
- Resource Utilization
- Application
- Incorrectly Configured or Failed Load Balancing

1. _____ are designed to protect a VPC, whereas _____ are used to protect virtual machines within a VPC.
2. With _____ a network connection is established between two VPCs.
3. What are some of the components that make up QoS?
4. You can see the gateways that the packet passes through by executing the _____ command.

Answers:
1. Security groups, network ACLs
2. Peering
3. Bandwidth, latency, and jitter
4. tracert or traceroute

Network Security Group Misconfigurations
Recall that a network security group is designed to provide protection to a network (VPC). These groups act like virtual firewalls for your cloud-based network. However, they aren’t designed to protect everything in the VPC, but rather just the virtual machine (VM) resources. To protect the entire VPC, you can create network ACLs (access control lists). Some additional differences are demonstrated below.

TABLE: Security Group versus NACL

Feature

Security Groups

NACLs

State

Stateful (incoming rules will be applied to outgoing rules automatically)

Stateless

Allow or deny

Only allow rules are permitted

Both allow and deny rules are permitted

Rule order

Does not apply

Rules are applied in the order that they appear in the rule list

Number of rule sets

Multiple security groups can be applied to a subnet

Only one NACL can be applied to a subnet


Access Control Lists (ACLs)
A misconfigured network ACL can end up blocking or allowing access to the resources, which is not the intention. Keep in mind that the order of the rules is important, so not placing rules in the correct order can result in unexpected results. For example, suppose you want to allow all systems from the 192.168.100.0/24 network to be allowed to connect to the subnet, but you don’t want to allow machine 192.160.100.200 from that subnet to have any access. A rule set like the following would work to accomplish this goal (note that these are not actual rules, but verbal descriptions of the rules, and … represents “other rules that don’t apply in this example”):

Rule 27: Block 192.168.100.200
Rule 28: Allow 192.168.100.0/24


However, the following rule set would not block 192.168.100.200:
Rule 27: Allow 192.168.100.0/24
Rule 28: Block 192.168.100.200

After a rule is applied to an inbound packet, none of the subsequent rules will be applied.

Inheritance
In some cases you may be able to inherit NACLs from other rule sets. If this is the case, understand fully what rules the inherited rule set provides. If it is true inheritance (sometimes it is just a copy of an existing rule set), understand that changes to the inherited rule set can impact your overall rule set. Typically, inherited rule sets are applied first, so this is another complication that you need to consider when using this feature.

Common Networking Configuration Issues
In any network environment, a large number of things can go wrong. In this section you’ll learn about some of the common networking configuration issues that you may encounter.
Note that for any of the network categories found in this section, dozens of different issues can cause problems. It is important to note that this exam objective is about focusing on “common” networking issues that are based on “configuration,” not all of the networking issues that can arise from multiple categories of problems.
Within your cloud network, you may encounter situations in which you want resources in one VPC to be able to communicate with resources in another VPC. This type of communication isn’t normally configured by default.
If the resources have public IP addresses, they may be able to communicate, but this communication also might be blocked by security group rules or network ACL rules. The communication might also suffer lags because the network packets are routed toward the Internet first and then back into the security group, VPC, and then the destination resource.
With peering (often called VPC peering or virtual network peering), a network connection is established between two VPCs. This connection allows resources to communicate between the two VPCs, much like if they were on the same network. In this way, resources can use the cloud network instead of the Internet for communications.
In terms of troubleshooting, one common issue arises when one VPC becomes associated with the peering connection. Another issue to look for is if one of the VPCs is migrated to a different region, which will likely require establishing a new peering connection.

Incorrect Subnet, IP Address, and IP Space
Many of the cloud resources that are assigned an IP address make use of dynamic assignment via a DHCP server. This server is normally provided by the cloud provider (or, for on-premises solutions, managed by your organization). For some situations you may want to use static IP assignment in which you manually configure the IP address, subnet mask, and other network settings. This configuration is important to ensure a consistent IP address for servers.
However, whenever you manually configure IP settings, you run the risk of errors. You may provide the wrong address, subnet, IP space, or other networking configuration information. This can result in connectivity issues.
To troubleshoot such issues, verify the network settings and make sure they are correct for the network where the resource was placed. Try to connect to the system from outside the network using the tools described in the “Network Troubleshooting Tools” section later in this guide, including the ping, ipconfig/ifconfig/ip, and tracert/traceroutecommands.

Routes
A route is the way a resource communicates outside the local network. This communication is sent to a router (also called a gateway). An incorrectly configured route can result in not being able to send network packets outside the local network. Use the routecommand, which is described in the “Route” section later in this guide, to see how to display the routes and make changes to the routes.

Default
In some cases, a resource might be in a network that has different routers connected to the network. For example, one router may provide access to another network within your infrastructure, whereas another router may provide access to the Internet. In this scenario, you would configure the resource’s routing table to specifically send any network traffic destined for the internal network directly to a specific router. Then you would have a rule in the routing table that says, “Send all other network traffic (besides traffic on the local network that the resource is a part of) to the Internet router.” In this case, the Internet router is referred to as the default router.
As with any routing issue, you should use the routecommand, which is described in the “Route” section later in this guide, to help you troubleshoot issues with the default router.

Static
In static routing an administrator sets specific routers or gateways to route network traffic. A static route doesn’t change after it has been set, unless the administrator manually changes the configuration.
The potential problem with static routing is that it creates a single point of failure. If the specified router becomes unresponsive, traffic to that network no longer works. To resolve this issue, troubleshoot issues with that router, which can include mechanical problems or a configuration change. Additionally, you can consider switching to dynamic routing.

Dynamic
In dynamic routing routing paths can change automatically based on algorithms that indicate the best routing path to take. While more complex than static routing, dynamic routing tends to be more robust because lost connectivity to a router results in a new routing path being chosen.
Dynamic routing is normally used in large network infrastructures and can be complex to implement and administer. When issues do arise, you should focus troubleshooting efforts on the routing protocol and use tools described in the “Ping” and “Tracert/Traceroute” sections in this guide.

Firewall
A firewall is used to either permit or block network traffic based on conditions like the source IP of the network packet or the destination port of the network packet, for example. For further details, see “Firewall Software” in “OS and Application Security Controls.”

Incorrectly Administered Microsegmentation
Microsegmentation is a security feature that allows administrators to logically divide resources into groups and apply a different set of security rules to each group. In terms of firewalls, microsegmentation is the process of creating zones.
To troubleshoot, start by creating a network diagram that displays all of the resources in the network and which zone each resource belongs to. Verify that the zone rules are applied correctly for each resource that resides within that zone. To test connectivity though the firewall, use tools described in the “Ping” and “Tracert/Traceroute” sections in this guide.

Network Address Translation (NAT)
Network Address Translation is a configuration setting found on a router that converts the private IP addresses of a network packet into public IP addresses. The goal is to be able to send network packets from internal, private networks to the Internet without exposing the internal addresses. NAT was originally designed to overcome the lack of Internet-routable IP addresses that IPv4 provides, but it has other benefits.

There are several different forms of NAT:
- DNAT (Destination NAT): 
Used when you want to place servers behind a firewall and still provide access from an external network.
- SNAT(Source NAT): Used when you have an internal network with statically assigned private IP addresses. Using SNAT, you can funnel access to the Internet via a single machine that has a live IP address (an address that is routable on the Internet). This system is configured with SNAT, which is used to map internal addresses with external communication.
- MASQUERADE: Used when you have an internal network with dynamically (DHCP) assigned private IP addresses. Using MASQUERADE, you can funnel access to the Internet via a single machine that has a live IP address (an address that is routable on the Internet). This system is configured with MASQUERADE, which is used to map internal addresses to external communication.

Because most internal networks use DHCP to assign IP addresses, MASQUERADE is more common than SNAT. It is also easier to configure because SNAT requires you to create rules for each internal system.

NAT rules are often implemented on a router that acts as a firewall. The rules of the firewall perform the modification of the source and destination IP addresses in the metadata of the network packets. As a result, when you’re troubleshooting issues with NAT, the configuration of the firewall that performs the NAT function should be the first place you look.
For details about VPNs, see “Virtual Private Networks (VPNs)” in “Cloud Networking Solutions.”

Load Balancers and DNS Records
For more details, see the “Load Balancers” and “Domain Name Service (DNS)” sections here.

VLAN/VxLAN/GENEVE and Proxy
For more information, see “Virtual LAN (VLAN)/Virtual Extensible LAN (VxLAN)/Generic Network Virtualization Encapsulation (GENEVE)” and “Proxy Servers” in “Secure a Network in a Cloud Environment.”

Maximum Transmission Unit (MTU)
When packets are sent on the network, there needs to be an agreement between the different nodes on the network as to the maximum size of the packet. As a result, an attribute called the maximum transmission unit, or MTU, is normally assigned to the network. The MTU tells the system that when it puts together network packets they should not exceed the size indicated by this value.
On most modern systems, this value is automatically assigned when the network interface (network interface card, or NIC) first connects to the network. A query is sent to the node attached to the local node to determine what the maximum packet size should be. This value can also be configured manually, but the risk with that is the value might not be the same as other nodes on the network.
The standard MTU size is 1500 bytes, but this value can be adjusted to provide better network performance. For troubleshooting, ensure that all nodes in the network are using the same MTU.

Quality of Service (QoS)
Quality of service is a term that is applied to networks to ensure that the overall performance of a network is within an acceptable range. QoS is closely related to other terms, including bandwidth, latency, and jitter. See “Network” in “Optimize Cloud Environments” for more details on these terms.

Time Synchronization Issues
For more details on time synchronization issues, see the “Network Time Protocol (NTP)” section here.

Network Troubleshooting Tools
In this section you’ll explore a collection of troubleshooting tools that you can use to determine the cause of networking issues. The examples provided are executed on a Linux-based system. In most cases these tools will also function on Windows or MacOS.

ping
The pingcommand is used to verify that a remote host can respond to a network connection:

[root@OCS ~]# ping -c 4 google.com
PING google.com (172.217.5.206) 56(84) bytes of data.

64 bytes from lax28s10-in-f14.1e100.net (172.217.5.206):
icmp_seq=1 ttl=55 time=49.0 ms

64 bytes from lax28s10-in-f206.1e100.net (172.217.5.206):
icmp_seq=2 ttl=55 time=30.2 ms
icmp_seq=3 ttl=55 time=30.0 ms
icmp_seq=4 ttl=55 time=29.5 ms
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3008ms
rtt min/avg/max/mdev = 29.595/34.726/49.027/8.261

tracert/traceroute


When you send a network packet to a remote system, especially across the Internet, it often needs to go through several gateways before it reaches its destination. You can see the gateways that the packet passes through by executing the traceroutecommand:
# traceroute onecoursesource.com
traceroute to onecoursesource.com (38.89.136.109), 30 hops max, 60
byte packets
- 1 10.0.2.2 (10.0.2.2) 0.606 ms 1.132 ms 1.087 ms
- 2 b001649-3.jfk01.atlas.cogentco.com (38.104.71.201)
0.738 ms 0.918 ms 0.838 ms
- 3 154.24.42.205 (154.24.42.205) 0.952 ms 0.790 ms 0.906 ms
- 4 be2629.ccr41.jfk02.atlas.cogentco.com (154.54.27.66)
1.699 ms 1.643 ms 1.347 ms
- 5 be2148.ccr41.dca01.atlas.cogentco.com (154.54.31.117)
8.053 ms 7.719 ms 7.639 ms
- 6 be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
18.276 ms 18.418 ms 18.407 ms
- 7 be2687.ccr21.iah01.atlas.cogentco.com (154.54.28.70)
32.861 ms 32.917 ms 32.719 ms
- 8 be2291.ccr21.sat01.atlas.cogentco.com (154.54.2.190)
38.087 ms 38.025 ms 38.076 ms
- 9 be2301.ccr21.elp01.atlas.cogentco.com (154.54.5.174)
48.811 ms 48.952 ms 49.151 ms
10 be2254.ccr21.phx02.atlas.cogentco.com (154.54.7.33)
57.332 ms 57.281 ms 56.896 ms
11 te2-1.mag02.phx02.atlas.cogentco.com (154.54.1.230)
56.666 ms 65.279 ms 56.520 ms
12 154.24.18.26 (154.24.18.26) 57.924 ms 58.058 ms 58.032 ms
13 38.122.88.218 (38.122.88.218) 79.306 ms 57.740 ms 57.491 ms
14 onecoursesource.com (38.89.136.109) 58.112 57.884 ms 58.299 ms

Note that on some systems, like Microsoft Windows, the traceroutecommand is called tracert.

flushdns
DNS entries are often cached for a period of time. This can cause problems if the DNS records change. To remove the cached DNS entries in Microsoft Windows, execute the ipconfig /flushdnscommand.

ipconfig/ifconfig/ip

The ifconfigcommand displays basic IP network settings for devices:
[root@localhost ~]# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.26 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a00:27ff:feb0:dddc prefixlen 64 scopeid 0x20<link>
ether 08:00:27:b0:dd:dc txqueuelen 1000 (Ethernet)
RX packets 103224 bytes 17406939 (16.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16408 bytes 3008229 (2.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 4891 bytes 257583 (251.5 KiB)
TX packets 4891 bytes 257583 (251.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Table below describes important options for the ifconfigcommand.


TABLE: Common ifconfig Options

Option

Description

-a

Displays all interfaces, even interfaces that are currently down

-s

Displays output like the netstat -i command

-v

Turns on verbose mode


The ifconfigcommand can also be used to manually define network settings for a specific device. For example:

ifconfig enp0s3 192.168.1.26 netmask 255.255.255.0 broadcast
192.168.1.255

These changes are temporary and will survive only until the next time the system is booted. Permanent changes are made within your system’s configuration files, which vary from one distribution to another.
Note that on some systems, like Microsoft Windows, the ifconfigcommand is called ipconfig.
The newer ipcommand is designed to replace a collection of commands related to network interfaces. Table below describes some of the more important options.

TABLE: Important ip Options

 

Object

Refers to

addr

IPv4 or IPv6 address

link

Network device

route

Routing table entry

 


TABLE: Important ip Commands

 

Command

Description

add

Adds an object

delete

Deletes an object

show (or list)

Displays information about an object


The following example displays network information for devices, much like the ifconfigcommand:

[root@OCS ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
- inet6 ::1/128 scope host
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP qlen 1000
- link/ether 08:00:27:b0:dd:dc brd ff:ff:ff:ff:ff:ff
- inet 192.168.1.26/24 brd 192.168.1.255 scope global dynamic
enp0s3
valid_lft 2384sec preferred_lft 2384sec
inet 192.168.1.24/16 brd 192.168.255.255 scope global enp0s3
inet6 fe80::a00:27ff:feb0:dddc/64 scope link
valid_lft forever preferred_lft forever

nslookup/dig


The nslookupcommand is designed to perform simple queries on DNS servers:

[root@OCS ~]# nslookup google.com
Server:8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name:google.com
Address: 216.58.219.238

Although this command has often been referred to as obsolete or deprecated, it is still often used on modern distributions. The nslookupcommand is normally run without any options.

The digcommand is useful for performing DNS queries on specific DNS servers. The format of the command is demonstrated here:

[root@OCS ~]# dig google.com
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> google.com
;; global options: +cmd

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56840
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:
;google.com.INA

;; ANSWER SECTION:
google.com. 268INA216.58.217.206
;; Query time: 36 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun Mar 05 17:01:08 PST 2017
;; MSG SIZE rcvd: 55

To query a specific DNS server rather than the default DNS servers for your host, use the following syntax: dig @server host_to_lookup. Table 25.5 describes common options for the digcommand.

TABLE: Common dig Options

 

Option

Description

-f file

Uses the content of file to perform multiple lookups; the file should contain one hostname per line.

-4

Performs only IPv4 queries.

-6

Performs only IPv6 queries.

-x address

Performs a reverse lookup (returns the hostname when provided an IP address).


netstat/ss
The netstatcommand is useful for displaying a variety of network information. It is a key utility when troubleshooting network issues. Table 25.6 describes common options for the netstatcommand.

TABLE: Common netstat Options

 

Option

Description

-t or --tcp

Displays TCP information

-u or --udp

Displays UDP information

-r or --route

Displays the routing table

-v or --verbose

Turns on verbose mode; displays additional information

-i or --interfaces

Displays information based on a specific interface

-a or --all

Applies to all

-s or --statistics

Displays statistics for the output


For example, the following command will display all active TCP connections:

[root@OCS ~]# netstat -ta
Active Internet connections (servers and established)
Proto Recv-Q Send-QLocal AddressForeign Address State
tcp 0 0 192.168.122.1:domain0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh0.0.0.0:* LISTEN
tcp 0 0 localhost:ipp 0.0.0.0:* LISTEN
tcp 0 0 localhost:smtp0.0.0.0:* LISTEN
tcp60 0 [::]:ssh[::]:* LISTEN
tcp60 0 localhost:ipp [::]:* LISTEN
tcp60 0 localhost:smtp[::]:* LISTEN

The sscommand is used to display socket information. Without any options, it lists all open sockets. For example:

[root@OCS ~]# ss | wc -l
160
[root@OCS ~]# ss | head
Netid StateRecv-Q Send-Q Local Address:PortPeer Address:Port
u_str ESTAB00 /var/run/dovecot/anvil 23454966* 23454965
u_str ESTAB00 /var/run/dovecot/anvil 23887673* 23887672
u_str ESTAB00 /run/systemd/journal/stdout 13569 * 13568
u_str ESTAB00 * 13893* 13894
u_str ESTAB00 * 13854* 13855
u_str ESTAB00 * 13850* 13849
u_str ESTAB00 * 68924* 68925
u_str ESTAB00 * 17996* 17997
u_str ESTAB00/var/run/dovecot/config 9163531 * 9163871
 

TABLE: Common ss Options

 

Option

Description

-lt

Lists open TCP sockets

-lu

Lists open UDP sockets

-lp

Lists the process ID that owns each socket

-n

Doesn’t resolve IP addresses to hostnames or port numbers to port names

-a

Displays all information

-s

Displays a summary


route
The routecommand can be used to display a routing table:

[root@OCS ~]# route
Kernel IP routing table
Destination GatewayGenmask Flags Metric Ref Use Iface
default192.168.1.1 0.0.0.0 UG 10000enp0s3
192.168.0.0 0.0.0.0255.255.0.0U 10000enp0s3
192.168.1.0 0.0.0.0255.255.255.0 U10000enp0s3

This information can also be displayed with the ipcommand:

[root@OCS ~]# ip route show
default via 192.168.1.1 dev enp0s3 proto static metric 100
192.168.0.0/16 dev enp0s3 proto kernel scope link src 192.168.1.24
metric 100
192.168.1.0/24 dev enp0s3 proto kernel scope link src 192.168.1.26
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1

The routecommand can also be used to modify the default router:

route add default gw 192.168.1.10

To add a new router, execute the following command:

route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.3.100
This command will send all network packets destined for the 192.168.3.0/24 network to the 192.168.3.100 router. These changes are temporary and will survive only until the next time the system is booted. Permanent changes are made within your system’s configuration files, which vary from one distribution to another.

arp
The arpcommand is used to view the Address Resolution Protocol (ARP) table or make changes to it. This table is used on a local network to keep track of which IP addresses are associated with Media Access Control (MAC) addresses, because within a local network, MAC addresses are used to communicate between network devices. Note that MAC addresses are often referred to as hardware addresses.

When executed with no arguments, the arpcommand displays the ARP table:

# arp
Address HWtype HWaddress Flags MaskIface
192.168.1.11ether30:3a:64:44:a5:02Ceth0

In the event that a remote system has its network card replaced (or if a virtual network device has been assigned a new MAC address), you might need to delete an entry from the ARP table. You can accomplish this by using the -doption to the arpcommand:

# arp -i eth0 -d 192.169.1.11

After the address is removed from the ARP table, there should be no need to add the new address manually. The next time the local system uses this IP address, it will send a broadcast request on the appropriate network to determine the new MAC address.

curl
The curlcommand allows for noninteractive data transfer from a large number of protocols, including
- FTPS
- SCP
- SFTP
- SMB
- SMBS
- TFTP

In the following example, data from the http://onecoursesource.com URL is downloaded to the local system:
# curl http://onecoursesource.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.onecoursesource.com/">here</a>.</p>
</body></html>

Packet Capture
When you’re troubleshooting network issues or performing network security audits, it can be helpful to view the network traffic, including traffic that isn’t related to the local machine. The tcpdumpcommand is a packet capture utility, and it enables you to view local network traffic.

By default, the tcpdumpcommand displays all network traffic to standard output until you terminate the command. Running this command could result in a dizzying amount of data flying by on your screen. You can limit the output to a specific number of network packets by using the -coptions:

# tcpdump -c 5
tcpdump: verbose output suppressed, use -v or -vv for full protocol
decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535
bytes
11:32:59.630873 IP localhost.43066 > 192.168.1.1.domain: 16227+ A?
onecoursesource.com. (37)
11:32:59.631272 IP localhost.59247 > 192.168.1.1.domain: 2117+ PTR?
1.1.168.192.in-addr.arpa. (42)
11:32:59.631387 IP localhost.43066 > 192.168.1.1.domain: 19647+ AAAA?
11:32:59.647932 IP 192.168.1.1.domain > localhost.59247: 2117
NXDomain* 0/1/0 (97)
11:32:59.717499 IP 192.168.1.1.domain > localhost.43066: 16227 1/0/0 A 38.89.136.109 (53)
5 packets captured
5 packets received by filter
0 packets dropped by kernel

Packet Analyzer
Wireshark is an amazing network capture and analyzer tool that provides both graphical user interface (GUI) and text-based user interface (TUI) tools. To start the GUI tool, execute the wiresharkcommand. The output should be similar to the figure below:

Images
The wiresharkCommand

To view network traffic, you need to start a capture. Click Capture+ Start. You can also limit what is captured by setting filters and options (click Capture+ Options).

To use the TUI-based form of Wireshark, execute the tsharkcommand as the root user:
# tshark
Capturing on 'enp0s3'
1 0.00000000010.0.2.15 → 68.105.28.11 DNS 81 Standard query
0xeec4 A google.com OPT
2 0.00103127910.0.2.15 → 68.105.28.11 DNS 81 Standard query
0x3469 AAAAgoogle.com OPT
3 0.017196416 68.105.28.11 → 10.0.2.15DNS 109 Standard query
response 0x3469 AAAA google.com AAAA 2607:f8b0:4007:800::200e OPT
4 0.017265061 68.105.28.11 → 10.0.2.15DNS 97 Standard query
response 0xeec4 A google.com A 172.217.14.110 OPT
5 0.01848238810.0.2.15 → 172.217.14.110 ICMP 98 Echo (ping)
request id=0x122c, seq=1/256, ttl=64
6 0.036907577 172.217.14.110 → 10.0.2.15ICMP 98 Echo (ping)
replyid=0x122c, seq=1/256, ttl=251 (request in 5)
7 1.02105281110.0.2.15 → 172.217.14.110 ICMP 98 Echo (ping)
request id=0x122c, seq=2/512, ttl=64
8 1.039492225 172.217.14.110 → 10.0.2.15ICMP 98 Echo (ping)
replyid=0x122c, seq=2/512, ttl=251 (request in 7)

OpenSSL Client
Secure communication over SSL is an important component of cloud-based networking. To troubleshoot SSL issues, you may need to make use of the openssl clientutility. For example, to test an SSL connection, you can execute the following command:

openssl s_client -connect <hostname>:<port>

Replace <hostname> with the SSL server’s hostname and <port> with the network port that the server is listening on.

Resource Utilization
As previously mentioned, you’ll notice several redundancies in the CompTIA Cloud+ objectives. This section is a good example because many of these topics were covered in previous guides:
- CPU, GPU, and Memory: “Compute Sizing for Deployment
- Storage and I/O: “Storage in Cloud Environments
- Capacity:  “Operation of a Cloud Environment
- Network Bandwidth and Latency: “Optimize Cloud Environments
- Replication: “Disaster Recovery Tasks
- Scaling: “High Availability and Scaling in Cloud Environments

Application configuration consists of providing resources to the application so that the application is able to perform its tasks. In this section you’ll learn about two troubleshooting categories of application configuration: memory management and service overload.

Memory Management
Like all compute operations, applications need memory to store information. When you deploy an application in a cloud environment, you also assign a specific amount of memory to the application. This requirement might not meet the needs of the application, however.
Because most cloud environments provide tools to monitor memory usage for an application, the way you troubleshoot this sort of problem is to view the metrics for memory utilization. You can also set warnings when memory utilization reaches a specific value to receive advance warning of potential problems.
Adding more memory for the application might seem like an easy solution, but remember that memory, like most cloud resources, comes at a cost. You might also want to consider optimizing the application so that it doesn’t require much memory. This task might be something that you can do in a configuration file for the application, but also might require working with the developers who maintain the application.

Service Overload
An application service overload can be the result of the application using more CPU or vCPU resources than it has been allocated. As with memory resources, most cloud environments allow you to monitor vCPU utilization.
Troubleshooting this issue is similar to troubleshooting a lack of memory: determine whether the application can be modified to use less vCPU resources or allocate more vCPU resources.

Incorrectly Configured or Failed Load Balancing
To learn more about incorrectly configured or failed load balancing, see the “Load Balancers” here.

Quiz:
1. In which of the following cloud components is the order of the rules unimportant? A.Network ACL C.Security group D.The order of the rules is important in all of these components.
2. Which type of NAT is used when you want to place servers behind a firewall and still provide access from an external network? A.DNAT B.SNAT C.MASQUERADE D.FWALL
3. The standard MTU size is _____ bytes. A.700 B.2100 C.1400 D.1500
4. Which of the following can be used to display basic IP network settings for devices? (Choose all that apply.) A.ipconfig B.ifconfig C.if D.ip

Answers:
1. Security group
2. DNAT
3. 1500
4. ipconfig, ifconfig, and ip


Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

 



ADVERTISEMENT