A decent portion of every network administrator’s job
involves troubleshooting. Network problems are as certain as death and
taxes—and while you can take steps to prevent issues, sometimes they’re just
Network problems range in complexity. You could be dealing
with one workstation unable to access the network or the entire network going
When you do encounter a network problem, how do you begin
troubleshooting? Many admins have never even bothered to thing about it: They
don’t have a formal methodology—they just jump right in.
But there’s something to be said for a formal
troubleshooting methodology. For one, it gives you a place to start. And it
never hurts to add one more trick to your administrator’s toolkit.
Let’s look at three common network troubleshooting
methodologies. Cisco documents these in its Cisco Internetwork
Troubleshooting guidebooks, and you can expect to see questions about them
on the CIT 642-831 exam, which is required to achieve CCNP
The basis of each of these troubleshooting approaches is the
Reference Model. If you’re unfamiliar with the OSI model or just rusty on
the details, here’s a look at the seven layers:
2: Data Link
Here’s how the OSI model works: Traffic flows down from the
application to the physical layer across the network using the physical medium
(for example, an Ethernet cable) to the receiver’s physical layer. It then
moves up through the layers to the receiver’s application.
Once on the receiver’s side, the receiver becomes the sender,
and the sender becomes the receiver. The response from the receiver traverses
the reverse path and moves back to the original sender.
So if one of the layers of the OSI model doesn’t work, no
traffic will flow. For example, if the data link layer isn’t working, the
traffic will never make it from the application layer to the physical layer.
The bottom-up approach is my personal favorite. As the name
implies, start at the bottom—Layer 1, the physical layer—and work your way up
to the top layer (application).
The physical layer includes the network cable and the network
interface card. So if you encounter a broken or disconnected network cable,
there’s probably no need to do anymore troubleshooting.
You must resolve any physical layer problems before moving
on. After fixing the problem, check to see if the trouble still exists. If so,
move on to troubleshooting the data link layer.
For example, an Ethernet LAN has an Ethernet switch, which
keeps a table of MAC addresses. If there’s something wrong with that table—such
as a duplicate MAC entry—then resolve that problem before looking at anything
on the network layer (e.g., an IP address or routing).
Once again, the name of this methodology implies the
approach. With the top-down method, start at the top of the OSI model (i.e., the
application layer) and work your way down to the bottom layer (i.e., physical).
Divide and conquer
This approach involves a little more intuition. With the
divide and conquer method, start at whichever layer you best feel is the root
cause of the problem. From there, you can go either up or down through the
layers. (Yes, folks, even the “no-method method” has a name.)
Choosing an approach
Which approach you decide to use may depend on where you
believe the problem lies. For example, if a user is unable to browse the Web
and you think most users have a lot of problems with spyware and Internet
Explorer settings, then you may want to start with the top-down approach. On
the other hand, if the user mentions that he or she just connected a laptop to
the network and can’t browse the Web, you might want to use the bottom-up
method since there’s a good chance the user has a disconnected cable or similar
Do you use a troubleshooting methodology when dealing with
networking problems? If so, post your approach in this article’s discussion.
How important do you think it is to have a troubleshooting methodology?
Miss a column?
Check out the Cisco Routers and Switches
Archive, and catch up on David Davis’ most recent columns.
Want to learn more
about router and switch management? Automatically
sign up for our free Cisco Routers and Switches newsletter, delivered each
David Davis has worked
in the IT industry for 12 years and holds several certifications, including
CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of
systems/network administrators for a privately owned retail company and
performs networking/systems consulting on a part-time basis.