Boot Failure and Errors
Boot failure is the inability to locate the operating system from the storage drives. The most common reasons for boot failures are
1. A non bootable floppy in the diskette drive.
2. CMOS is not properly configured to boot from the correct device.
3. None of the devices in the CMOS are set to bootable.
4. Hardware failure.
Invalid Boot disk
The Master Boot Record (MBR) is created when the hard disk is partitioned. The MBR has master boot code, disk signature (or end of sector marker)) and a partition table for the disk. The MBR scans the partition table for the active partition and then finds the starting sector of the active partition. It then loads a copy of the boot sector from the active partition into memory and finally transfers control to the executable code in the boot sector. This means that the MBR identifies the operating system on the disk.
MBR can become corrupted due to human error, hardware problems, power fluctuations, virus attack, and other factors. An Invalid boot disk error is caused when the MBR is either corrupted or when it cannot find the partitions or the boot sector. Sometimes, it might pop an Invalid partition table or Error loading operating system or Missing operating system errors.
• Remove any floppy disks or CD-ROMs from the system & restart the system.
• Check if the Hard-disk drive is detected in the CMOS.
• Boot to the DOS prompt using a bootable floppy or CD. (Recovery Console in case of Windows XP/2000) & use the command FDISK /mbr or fixmbr.
• Reseat the Hard drive. If issue remains, replace the Hard disk dri
boot device
The error, inaccessible boot device stop error can be caused due to any of the following reasons.
• Corrupt Windows registry.
• Bad or partially connected data cables.
• Bad sectors on the hard drive.
• A boot sector virus.
• Upgrading the computer or Transferring of Hard drive from one computer to another.
• Power surge or outage.
Troubleshooting & Solution
• Try a repair or reinstallation of the operating system.
• Recreate the MBR using FDISK / mbr.
• Delete & recreate all partitions and format the drive to delete any possible viruses.
• Reseat the data cable to the hard drive, check by swapping the Hard disk drive cable with the CD-Rom drive cable.
• Replace the Hard Disk / Data cable.
Wednesday, December 26, 2007
Monday, December 24, 2007
ETHERNET
What is Ethernet?
Ethernet is a Local Area Network (LAN) cabling and signaling specification for baseband networks. Ethernet uses a bus or star topology for connecting different nodes in a network.
To which OSI layer does Ethernet belong?
Ethernet belongs to both the Physical Layer (Layer 1) and the Data Link layer (Layer 2) in the OSI architecture.
What are the standard data rates for Ethernet? The standard data rates for Ethernet are 10 Mbps, 100 Mbps, and 1 Gbps
How two systems in an Ethernet network communicate? In a Ethernet network, a system broadcasts the data using a Ethernet frame. The destination system is specified in the Ethernet frame using its Ethernet address. All the systems in the network listen for an Ethernet frame with their Ethernet address in it. When a system receives an Ethernet frame with its address in it, it processes the frame and sends it to the higher layers (like IP) for further processing.
What is a "collision"? At any one instance, in an Ethernet network, only one device can transmit. If two devices transmit at the same instance, then the signals from both devices will collide and a "collision" will occur. When a "collision" occurs, the signals will get distorted and the frame will be lost. Collisions are very common in a Ethernet network.
How is "collision" handled in Ethernet networks? Ethernet uses the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) media access control mechanism to detect and recover from a collision.
What is CSMA/CD? CSMA/CD is a media access control mechanism used in Ethernet to recover from frame collision. The following steps are followed to recover from a collision. Step 1: Before an Ethernet device sends a frame on the Ethernet cable, it listens to find if another device is already transmitting a frame (Carrier Sense). Step 2: Once the device finds that other devices are not transmitting any frame, it starts transmitting the frame. If two devices detect that the Ethernet cable is free at the same time, then both will start transmitting the frames (Multiple Access). This will result in collision. Step 3: The Ethernet devices while transmitting the frames, also listen for the collision. (Collision Detect). Step 4: If they detect a collision, both the devices stop sending the frame (back off). Step 5: They retry the transmission after a logarithmic time-out period. This process is repeated till the frame is transmitted successfully, for a maximum of 16 times. The frame is discarded after the 16th retry.
What is "late collision"? An Ethernet device will detect a collision, while it is transmitting, only if the collision reaches it before it completes transmitting the entire frame. If the collision reaches the transmitter, after it completed sending the entire frame, then the transmitter will not detect the collision, it will assume the collision occurred because of some other frame. This is called "late collision". Late collision will occur, if the length of the Ethernet network segment is greater than the standard allowed length.
How "late collision" is avoided in Ethernet? Late collision can be avoided, if the maximum length of the Ethernet network segment is restricted, such that if a collision occurs, it will reach the transmitter before the transmitter completed transmitting the entire frame. In a typical 10 Mbps network, the minimum length of an Ethernet frame is 576 bits (72 bytes) and the maximum length of a single Ethernet network segment is 2.5 kms.
What is an Ethernet address? Each device in an Ethernet network is uniquely identified by a 48 bit (6 bytes) address called Ethernet address. Ethernet address is also known as Media Access Control (MAC) address. Ethernet addresses are represented as six pairs of hexadecimal digits separated by a colon. Ethernet address are buried in the network adapter by the manufacturer. A Ethernet address of a device cannot be changed. Example: 00:60:08:11:B1:AB, 00:00:c0:5e:83:0e
What is a broadcast address? The Ethernet address in which all the bits are 1 is known as a broadcast address. It is represented as FF:FF:FF:FF:FF:FF. A frame with this address is received and processed by all the nodes in the network.
What are the different Ethernet frame formats? The different Ethernet frame formats are listed below: Ethernet II and IEEE 802.3
Why there are different Ethernet frame formats? Xerox developed the first version of Ethernet, Ethernet I. The second version of Ethernet, Ethernet II, was developed by DEC, Intel and Xerox. After this the Ethernet was standardized by IEEE and the new format is known as 802.3 format. To provide backward compatibility with Ethernet II, 802.2 SNAP format was developed.
How is the length of an Ethernet II frame calculated? The length of an Ethernet II frame is not present in the frame itself. It depends on the Ethernet network interface used. When the interface sends a frame to the network device driver, it supplies the length of the received frame.
What is the minimum and maximum size of an Ethernet frame? The minimum size of an Ethernet frame is 64 bytes. The breakup of this size between the fields is: Destination Address (6 bytes) + Source Address (6 bytes) + Frame Type (2 bytes) + Data (46 bytes) + CRC Checksum (4 bytes). The minimum number of bytes passed as data in a frame must be 46 bytes. If the size of the data to be passed is less than this, then padding bytes are added. The maximum size of an Ethernet frame is 1518 bytes. The breakup of this size between the fields is: Destination Address (6 bytes) + Source Address (6 bytes) + Frame Type (2 bytes) + Data (1500 bytes) + CRC Checksum (4 bytes). The maximum number of bytes of data that can be passed in a single frame is 1500 bytes.
What is a SAP? SAP, Service Access Point, is the logical point at which services are provided by an OSI layer. Typically, the protocols in the network layer (like IP) bind at specific SAP in the Logical Link Control Layer( LLC) for accessing the services provided by it.
Why Sub Network Access Protocol (SNAP) header is required?The 802.2 LLC header replaces the 'protocol type' of the Ethernet II format with two SAP fields, Source SAP and Destination SAP. The value of the SAP field in the 802.2 header is equivalent to the 'protocol type' field in the Ethernet II header. The value of the SAP field will be between 1 and 255, since it is an 8 bit field. On the other hand, the 'protocol type' value for the standard protocols like IP, ARP, etc is grater than 1500. Obviosuly, these values cannot be represented in the SAP fields. So to provide compatibility with Ethernet II, SNAP header was added to the 802.2 LLC header. In a SNAP frame, both the SAP values will be 0xAA and the first 5 bytes of the data will give the protocol ID. Out of the 5 bytes of data, the last 2 bytes are same as the protocol type field of the Ethernet II frame. The first 3 bytes are called as 'Organizationally Unique Identifer' (OUI) and are allocated as a vendor identifier. Typically, OUI will be zero.
What are the values for SSAP, DSAP, control and org fields in a 802.2 SNAP frame? +-------+-----+ Field Value +-------+-----+ SSAP 0xAA DSAP 0xAA Control3 OUI 0 +-------+-----+
How to differentiate between an 802.3 frame and an Ethernet II frame?The value of 'length' field in an 802.3 frame must be less than 1500 and in a Ethernet II frame the value of 'type' field must be more than 1500. Since the 802.3 frame 'length' field and the Ethernet II frame 'type' field are at the same offset from the header, depending on the value present, the frame can be differentiated.
What is promiscuous mode?Normally, a Ethernet network interface will pass a frame to the above network layers only if it is addressed to that interface. If the network interface is put in the promiscuous mode, the Ethernet network interface will send all the frames (frames addressed to any host in the network), regardless of their destination address to the above network layers. This mode is used by network analyzers to capture all the frames.
What is MTU?Maximum Transmission Unit (MTU) is the maximum number of bytes that can be transmitted in a single transmission unit. Every communication medium has a MTU. For Ethernet, the MTU of a frame is 1500.
Ethernet is a Local Area Network (LAN) cabling and signaling specification for baseband networks. Ethernet uses a bus or star topology for connecting different nodes in a network.
To which OSI layer does Ethernet belong?
Ethernet belongs to both the Physical Layer (Layer 1) and the Data Link layer (Layer 2) in the OSI architecture.
What are the standard data rates for Ethernet? The standard data rates for Ethernet are 10 Mbps, 100 Mbps, and 1 Gbps
How two systems in an Ethernet network communicate? In a Ethernet network, a system broadcasts the data using a Ethernet frame. The destination system is specified in the Ethernet frame using its Ethernet address. All the systems in the network listen for an Ethernet frame with their Ethernet address in it. When a system receives an Ethernet frame with its address in it, it processes the frame and sends it to the higher layers (like IP) for further processing.
What is a "collision"? At any one instance, in an Ethernet network, only one device can transmit. If two devices transmit at the same instance, then the signals from both devices will collide and a "collision" will occur. When a "collision" occurs, the signals will get distorted and the frame will be lost. Collisions are very common in a Ethernet network.
How is "collision" handled in Ethernet networks? Ethernet uses the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) media access control mechanism to detect and recover from a collision.
What is CSMA/CD? CSMA/CD is a media access control mechanism used in Ethernet to recover from frame collision. The following steps are followed to recover from a collision. Step 1: Before an Ethernet device sends a frame on the Ethernet cable, it listens to find if another device is already transmitting a frame (Carrier Sense). Step 2: Once the device finds that other devices are not transmitting any frame, it starts transmitting the frame. If two devices detect that the Ethernet cable is free at the same time, then both will start transmitting the frames (Multiple Access). This will result in collision. Step 3: The Ethernet devices while transmitting the frames, also listen for the collision. (Collision Detect). Step 4: If they detect a collision, both the devices stop sending the frame (back off). Step 5: They retry the transmission after a logarithmic time-out period. This process is repeated till the frame is transmitted successfully, for a maximum of 16 times. The frame is discarded after the 16th retry.
What is "late collision"? An Ethernet device will detect a collision, while it is transmitting, only if the collision reaches it before it completes transmitting the entire frame. If the collision reaches the transmitter, after it completed sending the entire frame, then the transmitter will not detect the collision, it will assume the collision occurred because of some other frame. This is called "late collision". Late collision will occur, if the length of the Ethernet network segment is greater than the standard allowed length.
How "late collision" is avoided in Ethernet? Late collision can be avoided, if the maximum length of the Ethernet network segment is restricted, such that if a collision occurs, it will reach the transmitter before the transmitter completed transmitting the entire frame. In a typical 10 Mbps network, the minimum length of an Ethernet frame is 576 bits (72 bytes) and the maximum length of a single Ethernet network segment is 2.5 kms.
What is an Ethernet address? Each device in an Ethernet network is uniquely identified by a 48 bit (6 bytes) address called Ethernet address. Ethernet address is also known as Media Access Control (MAC) address. Ethernet addresses are represented as six pairs of hexadecimal digits separated by a colon. Ethernet address are buried in the network adapter by the manufacturer. A Ethernet address of a device cannot be changed. Example: 00:60:08:11:B1:AB, 00:00:c0:5e:83:0e
What is a broadcast address? The Ethernet address in which all the bits are 1 is known as a broadcast address. It is represented as FF:FF:FF:FF:FF:FF. A frame with this address is received and processed by all the nodes in the network.
What are the different Ethernet frame formats? The different Ethernet frame formats are listed below: Ethernet II and IEEE 802.3
Why there are different Ethernet frame formats? Xerox developed the first version of Ethernet, Ethernet I. The second version of Ethernet, Ethernet II, was developed by DEC, Intel and Xerox. After this the Ethernet was standardized by IEEE and the new format is known as 802.3 format. To provide backward compatibility with Ethernet II, 802.2 SNAP format was developed.
How is the length of an Ethernet II frame calculated? The length of an Ethernet II frame is not present in the frame itself. It depends on the Ethernet network interface used. When the interface sends a frame to the network device driver, it supplies the length of the received frame.
What is the minimum and maximum size of an Ethernet frame? The minimum size of an Ethernet frame is 64 bytes. The breakup of this size between the fields is: Destination Address (6 bytes) + Source Address (6 bytes) + Frame Type (2 bytes) + Data (46 bytes) + CRC Checksum (4 bytes). The minimum number of bytes passed as data in a frame must be 46 bytes. If the size of the data to be passed is less than this, then padding bytes are added. The maximum size of an Ethernet frame is 1518 bytes. The breakup of this size between the fields is: Destination Address (6 bytes) + Source Address (6 bytes) + Frame Type (2 bytes) + Data (1500 bytes) + CRC Checksum (4 bytes). The maximum number of bytes of data that can be passed in a single frame is 1500 bytes.
What is a SAP? SAP, Service Access Point, is the logical point at which services are provided by an OSI layer. Typically, the protocols in the network layer (like IP) bind at specific SAP in the Logical Link Control Layer( LLC) for accessing the services provided by it.
Why Sub Network Access Protocol (SNAP) header is required?The 802.2 LLC header replaces the 'protocol type' of the Ethernet II format with two SAP fields, Source SAP and Destination SAP. The value of the SAP field in the 802.2 header is equivalent to the 'protocol type' field in the Ethernet II header. The value of the SAP field will be between 1 and 255, since it is an 8 bit field. On the other hand, the 'protocol type' value for the standard protocols like IP, ARP, etc is grater than 1500. Obviosuly, these values cannot be represented in the SAP fields. So to provide compatibility with Ethernet II, SNAP header was added to the 802.2 LLC header. In a SNAP frame, both the SAP values will be 0xAA and the first 5 bytes of the data will give the protocol ID. Out of the 5 bytes of data, the last 2 bytes are same as the protocol type field of the Ethernet II frame. The first 3 bytes are called as 'Organizationally Unique Identifer' (OUI) and are allocated as a vendor identifier. Typically, OUI will be zero.
What are the values for SSAP, DSAP, control and org fields in a 802.2 SNAP frame? +-------+-----+ Field Value +-------+-----+ SSAP 0xAA DSAP 0xAA Control3 OUI 0 +-------+-----+
How to differentiate between an 802.3 frame and an Ethernet II frame?The value of 'length' field in an 802.3 frame must be less than 1500 and in a Ethernet II frame the value of 'type' field must be more than 1500. Since the 802.3 frame 'length' field and the Ethernet II frame 'type' field are at the same offset from the header, depending on the value present, the frame can be differentiated.
What is promiscuous mode?Normally, a Ethernet network interface will pass a frame to the above network layers only if it is addressed to that interface. If the network interface is put in the promiscuous mode, the Ethernet network interface will send all the frames (frames addressed to any host in the network), regardless of their destination address to the above network layers. This mode is used by network analyzers to capture all the frames.
What is MTU?Maximum Transmission Unit (MTU) is the maximum number of bytes that can be transmitted in a single transmission unit. Every communication medium has a MTU. For Ethernet, the MTU of a frame is 1500.
Wednesday, December 19, 2007
Troubleshooting problems opening PDF files in Internet Explorer window
Troubleshooting problems opening PDF files in Internet Explorer window
( Applies to Acrobat Reader version 6.0 )
When you click a .PDF link in a web page, the PDF document may not open and you see a image placeholder icon or a Red X in the browser window. To resolve the problem, follow the checklist mentioned in this article.
Checklist
• If your system has two versions of Adobe Acrobat Reader, uninstall both the versions and then install the latest version and the latest update. If you have earlier builds, update to 6.0.1 or above. Click Help menu and choose Update. BTW, updating to 6.0.1 also fixes another problem explained here
• Open Adobe Acrobat Reader and click Edit, Preferences. Choose Internet in the Preferences window. Uncheck Display PDF in browser option and close the dialog. Repeat the same and this time, enable the Display PDF in browser option.
• Adobe Acrobat Reader v6.x has Detect and Repair feature under the Help menu. See if repairing Adobe Reader helps you resolve the problem.
Steps specific to Windows XP Service Pack 2
• Open Internet Explorer, Tools menu, Manage Add-ons
• In the Manage Add-ons dialog, select Add-ons that have been used by Internet Explorer
• Make sure Adobe Acrobat Control for ActiveX (pdf.ocx) is Enabled. If it's disabled, enable the add-on and restart Internet Explorer.
( Applies to Acrobat Reader version 6.0 )
When you click a .PDF link in a web page, the PDF document may not open and you see a image placeholder icon or a Red X in the browser window. To resolve the problem, follow the checklist mentioned in this article.
Checklist
• If your system has two versions of Adobe Acrobat Reader, uninstall both the versions and then install the latest version and the latest update. If you have earlier builds, update to 6.0.1 or above. Click Help menu and choose Update. BTW, updating to 6.0.1 also fixes another problem explained here
• Open Adobe Acrobat Reader and click Edit, Preferences. Choose Internet in the Preferences window. Uncheck Display PDF in browser option and close the dialog. Repeat the same and this time, enable the Display PDF in browser option.
• Adobe Acrobat Reader v6.x has Detect and Repair feature under the Help menu. See if repairing Adobe Reader helps you resolve the problem.
Steps specific to Windows XP Service Pack 2
• Open Internet Explorer, Tools menu, Manage Add-ons
• In the Manage Add-ons dialog, select Add-ons that have been used by Internet Explorer
• Make sure Adobe Acrobat Control for ActiveX (pdf.ocx) is Enabled. If it's disabled, enable the add-on and restart Internet Explorer.
Thursday, April 5, 2007
Troubleshooting File System Problems
Troubleshooting File System Problems
This article presents a systematic approach to troubleshooting file system problems on servers running Windows Server 2003. Various tools for troubleshooting disk problems are examined and best practices for using them are explained.
A corrupt or damaged file system can result in various effects ranging from data loss to rendering your system unbootable. Smart IT pros will therefore take steps to maintain their servers' file systems and will know how to systematically troubleshoot disks when things go wrong. This article discusses both preventive disk maintenance and provides some tips for using various tools to maintain and troubleshoot file systems on Windows servers.
Seven Golden Rules for Disk Maintenance
Let's begin with a proactive approach to file system maintenance. What steps should an administrator take to help prevent file system problems from happening in the first place? Here are my seven golden rules on the subject, in no particular order:
1. Upgrade your servers to Windows Server 2003. There's real value in doing this as far as disk maintenance is concerned, for example:
• The chkdsk command in Windows Server 2003 runs a lot faster than the Windows 2000 version of this utility, plus it can fix things like a corrupt Master File Table (MFT) that the previous version of the utility would choke on.
• Powerful new command-line tools like DiskPart.exe, Fsutil.exe and Defrag.exe give you more flexibility for managing disks from the command-line instead of the GUI. These tools can be scripted to automate common disk management tasks you need to perform on a regular basis.
• The new Automated System Recovery (ASR) feature greatly simplifies the task of restoring your system/boot volume in the event of catastrophic disk failure.
2. Use hardware redundancy. RAID 1 disk mirroring lets you recover from catastrophic system volume failure with zero downtime, while RAID 5 is a great way of protecting your data volumes. Windows servers include support for built-in software RAID but you'll get better performance and true hot-swap redundancy by investing more money and buying a hardware RAID controller for your system instead. Don't forget though, keep a few spare drives handy so you can swap them during an emergency—redundancy is useless if you don't have the redundant hardware around to use it. Note that if you do choose to go with the software RAID provided by Windows, mirroring your boot and system volumes requires that these volumes be one and the same i.e. one volume is both your boot volume (contains operating system files) and your system volume (contains hardware-specific boot files).
3. Use a good antivirus program. Viruses can be nasty, and one of the things they can do when they infect a machine is to corrupt the Master Boot Record (MBR) and other critical portions of your hard drives. Not only should you have AV installed on your servers, you should also avoid risky behaviors such as running scripts from untrusted sources, browsing the web, and so on. These are just the kinds of behavior that can lead to infecting your system, so avoid doing things like this on your production servers.
4. Defragment your file systems on a regular basis. This is especially important on servers on which a high number of transactional operations occur as the file systems can quickly become fragmented, dragging down the performance of applications running on your server. To perform a successful defrag you should really have at least 15% free space left on your disk, so make sure you don't let critical system or data disks fill up too much or they'll be harder to maintain. The new command-line Defrag.exe tool of Windows Server 2003 is useful here since you can schedule regular running of this tool during off-hours using the Schtasks.exe command instead of having to defrag manually or buy a third-party defrag tool.
5. Run chkdsk /r on a regular basis. This command finds bad sectors on your disk and tries to fix them by recovering data from them and moving it elsewhere. You can run this command either from a command-prompt window or from the Recovery Console if you can't boot your system normally. Remember that when you try and run chkdsk.exe on your system or boot volume, Windows configures autochk.exe (the boot version of chkdsk.exe) to run at your next reboot. This means you'll need to schedule downtime for your server when you perform this kind of maintenance so that autochk.exe can run.
6. Check your event logs regularly for any disk-related events. Windows sometimes determines on its own when a disk is "dirty" i.e. there are file system errors present on it. In that case, Windows automatically schedules autochk.exe to run at the next reboot, but it also writes an event to the Application log using either the source name "Chkdsk" or "Winlogon". So filter your Application log to view these kinds of events on a regular basis or collect them using Microsoft Operations Manager (MOM) or whatever other systems management tool you use on your network.
7. Back up all your volumes regularly. As a last recourse in the event of a disaster, having working backups of both your system/boot volume and data volumes is critical. ASR in Windows Server 2003 makes backing up the boot/system volume easier, while backing up your data volumes can be done using the Windows Backup (ntbackup.exe) tool or any other backup tool such as one from a third-party vendor. Whatever way you choose to back up your system, do it regularly and verify your backups to ensure you can recover your system using them.
I should also add an eighth and final rule as well:
8. (the Platinum rule) If your disk starts to make funny sounds, don't ignore them—do something. Disk failure is often preceded by funny sounds emanating from your computer. These clicking, scraping, screeching, or other types of sounds mean trouble, so when you hear them it's time to make sure you've got a recent backup and a spare disk handy just in case. And it's also time to check your event logs, run chkdsk –r, and use other maintenance and troubleshooting tools to check the health of your disks. Don't ignore these funny sounds!
Tips for Troubleshooting
While a proactive approach to maintaining disks and their file systems is important, it's also inevitable that disasters will occur and you'll need to react to them appropriately. Here are some tips to using one of the key maintenance tools for disk and file systems that is included with Windows Server 2003, namely Chkdsk.exe:
• Make sure you know you have a good recent backup before you run chkdsk.exe.
• Never interrupt Chkdsk.exe while it's doing its job.
• Make sure you have enough time during your maintenance downtime window to run Chkdsk.exe—on very large volumes this command can take a long time to finish its work. To speed up the operation of Chkdsk.exe on very large volumes, you can run it in a "light" form by specifying chkdsk drive_letter /f /c /i before you try running the slower chkdsk /r.
• Chkdsk.exe can't run on the boot/system volume when Windows is running, and it also can't run on data volumes when file handles are open on the volume. The reason being that in both of these situations Chkdsk.exe is unable to lock the volume for its exclusive use. In these cases, Chkdsk.exe will be scheduled to run at the next system restart.
• If you think your volume may be dirty but you don't want Autochk.exe to run when it reboots—for instance, if your server is heavily used and you can't afford the downtime while Autochk.exe runs—you can use the Chkntfs.exe command to first determine whether the volume is dirty or not, and second to find out whether Autochk.exe is currently schedule to run at the next restart. If you determine that the volume is dirty and Autochk.exe is scheduled to run at next restart, you can delay running Autochk.exe using the chkntfs /d command. Note however that doing this is risky—if your volume is dirty you should deal with it as soon as possible and not procrastinate.
Conclusion
Proper disk maintenance requires both proactive actions and knowledge of how to properly use file system troubleshooting tools. Make sure you become familiar with the tools included in Windows Server 2003, and be sure to follow the seven (or eight) rules outlined in this article so you can keep your disks humming (but not screeching) along.
This article presents a systematic approach to troubleshooting file system problems on servers running Windows Server 2003. Various tools for troubleshooting disk problems are examined and best practices for using them are explained.
A corrupt or damaged file system can result in various effects ranging from data loss to rendering your system unbootable. Smart IT pros will therefore take steps to maintain their servers' file systems and will know how to systematically troubleshoot disks when things go wrong. This article discusses both preventive disk maintenance and provides some tips for using various tools to maintain and troubleshoot file systems on Windows servers.
Seven Golden Rules for Disk Maintenance
Let's begin with a proactive approach to file system maintenance. What steps should an administrator take to help prevent file system problems from happening in the first place? Here are my seven golden rules on the subject, in no particular order:
1. Upgrade your servers to Windows Server 2003. There's real value in doing this as far as disk maintenance is concerned, for example:
• The chkdsk command in Windows Server 2003 runs a lot faster than the Windows 2000 version of this utility, plus it can fix things like a corrupt Master File Table (MFT) that the previous version of the utility would choke on.
• Powerful new command-line tools like DiskPart.exe, Fsutil.exe and Defrag.exe give you more flexibility for managing disks from the command-line instead of the GUI. These tools can be scripted to automate common disk management tasks you need to perform on a regular basis.
• The new Automated System Recovery (ASR) feature greatly simplifies the task of restoring your system/boot volume in the event of catastrophic disk failure.
2. Use hardware redundancy. RAID 1 disk mirroring lets you recover from catastrophic system volume failure with zero downtime, while RAID 5 is a great way of protecting your data volumes. Windows servers include support for built-in software RAID but you'll get better performance and true hot-swap redundancy by investing more money and buying a hardware RAID controller for your system instead. Don't forget though, keep a few spare drives handy so you can swap them during an emergency—redundancy is useless if you don't have the redundant hardware around to use it. Note that if you do choose to go with the software RAID provided by Windows, mirroring your boot and system volumes requires that these volumes be one and the same i.e. one volume is both your boot volume (contains operating system files) and your system volume (contains hardware-specific boot files).
3. Use a good antivirus program. Viruses can be nasty, and one of the things they can do when they infect a machine is to corrupt the Master Boot Record (MBR) and other critical portions of your hard drives. Not only should you have AV installed on your servers, you should also avoid risky behaviors such as running scripts from untrusted sources, browsing the web, and so on. These are just the kinds of behavior that can lead to infecting your system, so avoid doing things like this on your production servers.
4. Defragment your file systems on a regular basis. This is especially important on servers on which a high number of transactional operations occur as the file systems can quickly become fragmented, dragging down the performance of applications running on your server. To perform a successful defrag you should really have at least 15% free space left on your disk, so make sure you don't let critical system or data disks fill up too much or they'll be harder to maintain. The new command-line Defrag.exe tool of Windows Server 2003 is useful here since you can schedule regular running of this tool during off-hours using the Schtasks.exe command instead of having to defrag manually or buy a third-party defrag tool.
5. Run chkdsk /r on a regular basis. This command finds bad sectors on your disk and tries to fix them by recovering data from them and moving it elsewhere. You can run this command either from a command-prompt window or from the Recovery Console if you can't boot your system normally. Remember that when you try and run chkdsk.exe on your system or boot volume, Windows configures autochk.exe (the boot version of chkdsk.exe) to run at your next reboot. This means you'll need to schedule downtime for your server when you perform this kind of maintenance so that autochk.exe can run.
6. Check your event logs regularly for any disk-related events. Windows sometimes determines on its own when a disk is "dirty" i.e. there are file system errors present on it. In that case, Windows automatically schedules autochk.exe to run at the next reboot, but it also writes an event to the Application log using either the source name "Chkdsk" or "Winlogon". So filter your Application log to view these kinds of events on a regular basis or collect them using Microsoft Operations Manager (MOM) or whatever other systems management tool you use on your network.
7. Back up all your volumes regularly. As a last recourse in the event of a disaster, having working backups of both your system/boot volume and data volumes is critical. ASR in Windows Server 2003 makes backing up the boot/system volume easier, while backing up your data volumes can be done using the Windows Backup (ntbackup.exe) tool or any other backup tool such as one from a third-party vendor. Whatever way you choose to back up your system, do it regularly and verify your backups to ensure you can recover your system using them.
I should also add an eighth and final rule as well:
8. (the Platinum rule) If your disk starts to make funny sounds, don't ignore them—do something. Disk failure is often preceded by funny sounds emanating from your computer. These clicking, scraping, screeching, or other types of sounds mean trouble, so when you hear them it's time to make sure you've got a recent backup and a spare disk handy just in case. And it's also time to check your event logs, run chkdsk –r, and use other maintenance and troubleshooting tools to check the health of your disks. Don't ignore these funny sounds!
Tips for Troubleshooting
While a proactive approach to maintaining disks and their file systems is important, it's also inevitable that disasters will occur and you'll need to react to them appropriately. Here are some tips to using one of the key maintenance tools for disk and file systems that is included with Windows Server 2003, namely Chkdsk.exe:
• Make sure you know you have a good recent backup before you run chkdsk.exe.
• Never interrupt Chkdsk.exe while it's doing its job.
• Make sure you have enough time during your maintenance downtime window to run Chkdsk.exe—on very large volumes this command can take a long time to finish its work. To speed up the operation of Chkdsk.exe on very large volumes, you can run it in a "light" form by specifying chkdsk drive_letter /f /c /i before you try running the slower chkdsk /r.
• Chkdsk.exe can't run on the boot/system volume when Windows is running, and it also can't run on data volumes when file handles are open on the volume. The reason being that in both of these situations Chkdsk.exe is unable to lock the volume for its exclusive use. In these cases, Chkdsk.exe will be scheduled to run at the next system restart.
• If you think your volume may be dirty but you don't want Autochk.exe to run when it reboots—for instance, if your server is heavily used and you can't afford the downtime while Autochk.exe runs—you can use the Chkntfs.exe command to first determine whether the volume is dirty or not, and second to find out whether Autochk.exe is currently schedule to run at the next restart. If you determine that the volume is dirty and Autochk.exe is scheduled to run at next restart, you can delay running Autochk.exe using the chkntfs /d command. Note however that doing this is risky—if your volume is dirty you should deal with it as soon as possible and not procrastinate.
Conclusion
Proper disk maintenance requires both proactive actions and knowledge of how to properly use file system troubleshooting tools. Make sure you become familiar with the tools included in Windows Server 2003, and be sure to follow the seven (or eight) rules outlined in this article so you can keep your disks humming (but not screeching) along.
Wednesday, April 4, 2007
The Importance of Backup Systems
Hope for the Best ... But Prepare for the Worst
Even though most of us know that we need to do regular backups, the fact is that many us don't. In part 1 of a two-part series, we review why it's important to perform these backups on a regular basis.
Earlier this week a client contacted me with a rather severe problem. When I arrived on the scene, I discovered that the problem was far worse then I had originally thought. Originally, I thought that the server's hard drive had crashed and would need to be replaced. While this is without question a serious problem, I knew that the server was equipped with a RAID [define] system that replicated [define] the data across multiple hard drives.
A RAID system provides redundancy for your data. So in the event that one of the hard drives fails, as was the case here, all you need to do is replace the crashed hard drive with a new one and let the RAID array rebuild the data onto the new drive.
Unfortunately, the problem was even more severe than I had originally feared. It turns out that the entire RAID array was damaged. This means that all of the hard drives that made up the array needed to be replaced and the data had to be restored from backups before the server could be brought back online.
This is where the nightmare begins. The client had a problem with their tape backup drive about two months earlier and, as a result, did not have any current backups of the data. This meant that once the RAID array was back online and the tape drive was functional, I would have to find the last complete backup they had (which in this case was Feb 7), perform a restore, and then visit each PC to get that data copied back to the server.
This meant that it could take weeks before getting fully restored. Even then, some missing data would never be recovered.
When they first informed me of their tape problems, I tried to impart on them the seriousness of the situation and how important it was that the tape drive be repaired or replaced as quickly as possible. They failed to heed the warning. Now they're paying the price.
Don't Let It Happen to You
You don't have to suffer the same outcome. Despite the fact that my client was negligent in getting the tape drive repaired, this problem was not unique to them. In fact, this problem has affected many of us &#mdash; particularly those users who spend a lot of their time working on the road or from a home office.
And this problem certainly isn't exclusive to non-technical people. Even some of the most experienced techies I know have often fallen into this trap. As a matter of fact, an associate of mine just recently had the hard drive in his laptop crash. He didn't have a current backup and, as a result, lost six months worth of work!
The point of all this is that even though most of us know that we need to do regular backups, the fact is that many, if not most of us, don't.
So let's take a moment to review why it's important to perform these backups on a regular basis. Here are six of the more popular ones:
1. The Human Eraser – Have you ever reformatted a hard disk when you meant to format a floppy? Have you ever typed "Y" when you meant "N" and then it was too late? Have you ever overwritten a file by mistake? How about installing software you later found you really did not want? Today's computers can do a lot of damage in a very short period of time.
The fastest erasers known consist of a fast computer combined with an unprepared or tired brain. Backup systems can save you hours, days, or months of trying to reconstruct your valuable data. Before you do any important system change, such as adding hardware or software, remember to perform a backup before you proceed.
2. Hard disk failure – MTBFs (Mean Times Between Failure) [define] have improved dramatically in the past several years for all peripherals. But so have data capacity — and the amount you could lose if your disk fails.
The problem is you never know when a failure will occur. And, according to the Murphy's Law, the loss will occur at the worst possible time. Backup systems give you immediate and automatic protection from unpredictable disk failures.
3. Virus protection and spyware protection – Some unscrupulous individuals continue to write viruses that innocently hide in shareware [define] programs and all throughout the Internet. These programs have the capability to copy themselves and load into your system along with the software you think you are getting.
Once loaded, they proceed to wreak havoc with your system, causing errors, lockups and loss of data. A reliable backup system can restore data lost through virus infection when used in conjunction with good virus detection software and an earlier backup.
4. Free up disk space – While we can't stop the steady growth of application software and related data, we can help you do something about it by allowing you to offload some of the less-used files from your hard disk to a secondary storage medium like tape or DVDs. Removing those inactive files can open up your hard disk for new programs or growing data files.
Inexpensive DVD or tape cartridges are a sure way to archive your programs and data while still keeping them accessible when you do need them. It could even enable you to put off buying a larger disk.
5. Events beyond your control – Both natural and manmade disasters inject a disconcerting variability into any application that requires large amounts of data storage. These include fire, floods, lightning and outright theft.
After such an occurrence, how will your business survive? Many don't, according to statistics. Regenerating vital billing or customer information would be very difficult from paper records, if not impossible. Backup systems protect your data against such calamity.
Besides doing daily backups, plan to do an extra backup weekly. Then store the backup either in a fireproof safe or at an offsite location. If your system goes, your data stays — and that may mean the difference between business as usual and bankruptcy.
6. Large file transfers — Transferring large volumes of data can be time consuming. Tape backup drives in particular have the capacity for very high data transfer rates, making them ideal for moving large quantities of data between systems. Tapes are also compact, inexpensive and have a long shelf life.
So your data will be archived and accessible for years to come. And with a tape backup system you can conveniently send a tape cartridge across the country, through the mail, or across the office in your shirt pocket.
Now that we have been reacquainted ourselves with the reasons why backing up our systems is so important, we need to figure out how best to go about doing it so that it happens consistently and reliably. In our next installment, we'll discuss some of the different backup methods available and take a look at some of the different backup mediums now available. Till next time.
Hope for the Best ... But Prepare for the Worst
Even though most of us know that we need to do regular backups, the fact is that many us don't. In part 1 of a two-part series, we review why it's important to perform these backups on a regular basis.
Earlier this week a client contacted me with a rather severe problem. When I arrived on the scene, I discovered that the problem was far worse then I had originally thought. Originally, I thought that the server's hard drive had crashed and would need to be replaced. While this is without question a serious problem, I knew that the server was equipped with a RAID [define] system that replicated [define] the data across multiple hard drives.
A RAID system provides redundancy for your data. So in the event that one of the hard drives fails, as was the case here, all you need to do is replace the crashed hard drive with a new one and let the RAID array rebuild the data onto the new drive.
Unfortunately, the problem was even more severe than I had originally feared. It turns out that the entire RAID array was damaged. This means that all of the hard drives that made up the array needed to be replaced and the data had to be restored from backups before the server could be brought back online.
This is where the nightmare begins. The client had a problem with their tape backup drive about two months earlier and, as a result, did not have any current backups of the data. This meant that once the RAID array was back online and the tape drive was functional, I would have to find the last complete backup they had (which in this case was Feb 7), perform a restore, and then visit each PC to get that data copied back to the server.
This meant that it could take weeks before getting fully restored. Even then, some missing data would never be recovered.
When they first informed me of their tape problems, I tried to impart on them the seriousness of the situation and how important it was that the tape drive be repaired or replaced as quickly as possible. They failed to heed the warning. Now they're paying the price.
Don't Let It Happen to You
You don't have to suffer the same outcome. Despite the fact that my client was negligent in getting the tape drive repaired, this problem was not unique to them. In fact, this problem has affected many of us &#mdash; particularly those users who spend a lot of their time working on the road or from a home office.
And this problem certainly isn't exclusive to non-technical people. Even some of the most experienced techies I know have often fallen into this trap. As a matter of fact, an associate of mine just recently had the hard drive in his laptop crash. He didn't have a current backup and, as a result, lost six months worth of work!
The point of all this is that even though most of us know that we need to do regular backups, the fact is that many, if not most of us, don't.
So let's take a moment to review why it's important to perform these backups on a regular basis. Here are six of the more popular ones:
1. The Human Eraser – Have you ever reformatted a hard disk when you meant to format a floppy? Have you ever typed "Y" when you meant "N" and then it was too late? Have you ever overwritten a file by mistake? How about installing software you later found you really did not want? Today's computers can do a lot of damage in a very short period of time.
The fastest erasers known consist of a fast computer combined with an unprepared or tired brain. Backup systems can save you hours, days, or months of trying to reconstruct your valuable data. Before you do any important system change, such as adding hardware or software, remember to perform a backup before you proceed.
2. Hard disk failure – MTBFs (Mean Times Between Failure) [define] have improved dramatically in the past several years for all peripherals. But so have data capacity — and the amount you could lose if your disk fails.
The problem is you never know when a failure will occur. And, according to the Murphy's Law, the loss will occur at the worst possible time. Backup systems give you immediate and automatic protection from unpredictable disk failures.
3. Virus protection and spyware protection – Some unscrupulous individuals continue to write viruses that innocently hide in shareware [define] programs and all throughout the Internet. These programs have the capability to copy themselves and load into your system along with the software you think you are getting.
Once loaded, they proceed to wreak havoc with your system, causing errors, lockups and loss of data. A reliable backup system can restore data lost through virus infection when used in conjunction with good virus detection software and an earlier backup.
4. Free up disk space – While we can't stop the steady growth of application software and related data, we can help you do something about it by allowing you to offload some of the less-used files from your hard disk to a secondary storage medium like tape or DVDs. Removing those inactive files can open up your hard disk for new programs or growing data files.
Inexpensive DVD or tape cartridges are a sure way to archive your programs and data while still keeping them accessible when you do need them. It could even enable you to put off buying a larger disk.
5. Events beyond your control – Both natural and manmade disasters inject a disconcerting variability into any application that requires large amounts of data storage. These include fire, floods, lightning and outright theft.
After such an occurrence, how will your business survive? Many don't, according to statistics. Regenerating vital billing or customer information would be very difficult from paper records, if not impossible. Backup systems protect your data against such calamity.
Besides doing daily backups, plan to do an extra backup weekly. Then store the backup either in a fireproof safe or at an offsite location. If your system goes, your data stays — and that may mean the difference between business as usual and bankruptcy.
6. Large file transfers — Transferring large volumes of data can be time consuming. Tape backup drives in particular have the capacity for very high data transfer rates, making them ideal for moving large quantities of data between systems. Tapes are also compact, inexpensive and have a long shelf life.
So your data will be archived and accessible for years to come. And with a tape backup system you can conveniently send a tape cartridge across the country, through the mail, or across the office in your shirt pocket.
Now that we have been reacquainted ourselves with the reasons why backing up our systems is so important, we need to figure out how best to go about doing it so that it happens consistently and reliably. In our next installment, we'll discuss some of the different backup methods available and take a look at some of the different backup mediums now available. Till next time.
Sunday, March 4, 2007
What is a Loopback Adapter?
The Microsoft Loopback adapter is a testing tool for a virtual network environment where network access is not available. Also, you must use the Loopback adapter if there are conflicts with a network adapter or with a network adapter driver. You can bind network clients, protocols, and other network configuration items to the Loopback adapter, and you can install the network adapter driver or network adapter later while retaining the network configuration information.
Manual installation
To manually install the Microsoft Loopback adapter in Windows XP, follow these steps:
1. Click Start, and then click Control Panel. Because this is XP, you may have it set up this way, or you may have your interface set up in Classic view. Either way, navigate your way to ‘Add Hardware’, or ‘Printers and Other Hardware’
2. Launch the Wizard to Add Hardware to your system. Do not be confused because you are not actually installing any new hardware, just simply adding a ‘network adapter’ which is acting as a virtual adapter.
3. Click next, once you have launched the Wizard. You will see a series of dialog boxes open to ask you about scanning for hardware changes, etc – you will want to do everything manually in this exercise. There will be no automatic scanning for any reason because you have not installed anything, the installation will immediately fail.
4. You will next be asked if the hardware is connected. You can select Yes from the options and click Next.
5. Now, select *from the bottom of the list* the ‘Add a new hardware device’ option, and then click Next.
6. Click Install the hardware that I manually select from a list, and then click Next.
7. Select ‘Network adapters’ from the Common hardware types section within the dialog box. Click Next.
8. Select Microsoft and then the Microsoft Loopback Adapater, and then click Next.
Lastly, you will be prompted to Finish up the installation.
Viewing and Configuring the Loopback Adapter
Once you have finished the installation, you will have a brand new loopback interface configured on your PC. There are a few things that you should know about the use of the loopback adapter.
• First, it will appear as a new interface connection in the properties of My Network Places. It will also show up with you view IPCONFIG from the command line.
• Second, you will be confused about it when you see it because if you have multiple adapters set up as most do, you will see Local Area Connection, Local Area Connection 2, Local Area Connection 3 and so on. A trick to seeing what is what is to hover your mouse over the connections until you find the right one as seen in the illustration here:
• It is recommended that you rename the connection to something like ‘LOOPBACK’ so you can differentiate what it is quicker, and if you use IPCONFIG, check out the output below, you will know it’s the LOOPBACK.
C:\>ipconfig
<
The Microsoft Loopback adapter is a testing tool for a virtual network environment where network access is not available. Also, you must use the Loopback adapter if there are conflicts with a network adapter or with a network adapter driver. You can bind network clients, protocols, and other network configuration items to the Loopback adapter, and you can install the network adapter driver or network adapter later while retaining the network configuration information.
Manual installation
To manually install the Microsoft Loopback adapter in Windows XP, follow these steps:
1. Click Start, and then click Control Panel. Because this is XP, you may have it set up this way, or you may have your interface set up in Classic view. Either way, navigate your way to ‘Add Hardware’, or ‘Printers and Other Hardware’
2. Launch the Wizard to Add Hardware to your system. Do not be confused because you are not actually installing any new hardware, just simply adding a ‘network adapter’ which is acting as a virtual adapter.
3. Click next, once you have launched the Wizard. You will see a series of dialog boxes open to ask you about scanning for hardware changes, etc – you will want to do everything manually in this exercise. There will be no automatic scanning for any reason because you have not installed anything, the installation will immediately fail.
4. You will next be asked if the hardware is connected. You can select Yes from the options and click Next.
5. Now, select *from the bottom of the list* the ‘Add a new hardware device’ option, and then click Next.
6. Click Install the hardware that I manually select from a list, and then click Next.
7. Select ‘Network adapters’ from the Common hardware types section within the dialog box. Click Next.
8. Select Microsoft and then the Microsoft Loopback Adapater, and then click Next.
Lastly, you will be prompted to Finish up the installation.
Viewing and Configuring the Loopback Adapter
Once you have finished the installation, you will have a brand new loopback interface configured on your PC. There are a few things that you should know about the use of the loopback adapter.
• First, it will appear as a new interface connection in the properties of My Network Places. It will also show up with you view IPCONFIG from the command line.
• Second, you will be confused about it when you see it because if you have multiple adapters set up as most do, you will see Local Area Connection, Local Area Connection 2, Local Area Connection 3 and so on. A trick to seeing what is what is to hover your mouse over the connections until you find the right one as seen in the illustration here:
• It is recommended that you rename the connection to something like ‘LOOPBACK’ so you can differentiate what it is quicker, and if you use IPCONFIG, check out the output below, you will know it’s the LOOPBACK.
C:\>ipconfig
<
Friday, March 2, 2007
HOW TO FIND THE IP ADDRESS OF THE SENDER IN GMAIL
When you receive an email, you receive more than just the message. The email comes with headers that carry important information that can tell where the email was sent from and possibly who sent it. For that, you would need to find the IP address of the sender. The tutorial below can help you find the IP address of the sender.
Log into your Gmail account with your username and password.
Open the mail.
To display the headers,
Click on More options corresponding to that thread. You should get a bunch of links. Click on Show original
You should get headers like this:
Gmail headers : Mastitrain
Look for Received: from followed by a few hostnames and an IP address between square brackets. In this case, it is 65.119.112.245.
That is be the IP address of the sender!!
NOTE:=
This will not work if the sender uses anonymous proxy servers.
When you receive an email, you receive more than just the message. The email comes with headers that carry important information that can tell where the email was sent from and possibly who sent it. For that, you would need to find the IP address of the sender. The tutorial below can help you find the IP address of the sender.
Log into your Gmail account with your username and password.
Open the mail.
To display the headers,
Click on More options corresponding to that thread. You should get a bunch of links. Click on Show original
You should get headers like this:
Gmail headers : Mastitrain
Look for Received: from followed by a few hostnames and an IP address between square brackets. In this case, it is 65.119.112.245.
That is be the IP address of the sender!!
NOTE:=
This will not work if the sender uses anonymous proxy servers.
Monday, February 19, 2007
Why Learning The OSI Model Is Important
There's nothing I enjoy more than teaching Cisco technologies, especially CCNA candidates. Whether it's in-person or online, everyone's excited to be there. There's a sense of anticipation in the air, and everyone is ready to work hard, get their hands on the racks of Cisco routers and switches I have available... ... and then I break out the OSI model chart. Chins slump. People sigh, or at least wish they hadn't ordered decaf that morning. Okay, it's not that bad. But it does temper the excitement a little. I always get a sense of "why can't we just hurry up and get on the routers and switches? Why do we have to learn this dry stuff?" One reason is that Cisco demands you know the OSI model inside and out for both the Intro and ICND exams. You have to admit that's a pretty good reason, but still, students find the OSI model information to be very dry. I understand that, because I've been there. My first exposure to the OSI model was actually in a Novell "Networking Technologies" class, and man, was that chart ever dry. They crammed every known protocol (and some unknown ones, I think) into the OSI model. It looked like a giant jigsaw puzzle, and the real problem is that I didn't know what the heck most of that stuff was. So I dutifully attempted to memorize this massive chart. I managed to pass the exam, but I wondered what all that effort had really been for. It's not like you sit around in a server room or wiring closet and discuss the OSI model. As a CCNA candidate, you don't have to worry about all the protocols I memorized way back when, but you do have to know what happens at each layer. Which leads to this question: "If I work with routers and switches, why do I have to know about all the other layers? Don't routers and switches just work at layer 2 and 3?" Yes, switches work at Layer 2 and routers at Layer 3. But to truly understand networking, you've got to understand what happens at the other layers. Why? Most network administrators and engineers are going to spend a lot more time troubleshooting than installing. That's just the way it is. And to troubleshoot effectively, you've got to know what's going on at all layers of the OSI model, not just layers 2 and 3. As someone who's done a lot of hiring and conducted a great many job interviews, I can tell you that the ability to troubleshoot is the number one quality I look for. That's why I tell CCNA and CCNP candidates that they've got to get all the hands-on practice they can; while I understand the importance of theory, the only way to develop troubleshooting ability is to work on the real deal. No simulator program is going to teach you how to troubleshoot. Additionally, the only way to truly develop your troubleshooting abilities is to know what's going on over the entire network, not just the routers and switches. Troubleshooting always starts at Layer 1; if you don't find a problem at the Physical layer, and everything's fine with your routers and switches, how are you going to continue troubleshooting if you don't know what the next steps are as data moves closer to the end user? So when it comes to the OSI model, don't just give it a quick once-over and move on to the fun stuff in your CCNA studies. The tangible benefit of passing your exams is great, but it's the hidden benefit of developing your own troubleshooting methodology that makes mastering the OSI model worthwhile.
There's nothing I enjoy more than teaching Cisco technologies, especially CCNA candidates. Whether it's in-person or online, everyone's excited to be there. There's a sense of anticipation in the air, and everyone is ready to work hard, get their hands on the racks of Cisco routers and switches I have available... ... and then I break out the OSI model chart. Chins slump. People sigh, or at least wish they hadn't ordered decaf that morning. Okay, it's not that bad. But it does temper the excitement a little. I always get a sense of "why can't we just hurry up and get on the routers and switches? Why do we have to learn this dry stuff?" One reason is that Cisco demands you know the OSI model inside and out for both the Intro and ICND exams. You have to admit that's a pretty good reason, but still, students find the OSI model information to be very dry. I understand that, because I've been there. My first exposure to the OSI model was actually in a Novell "Networking Technologies" class, and man, was that chart ever dry. They crammed every known protocol (and some unknown ones, I think) into the OSI model. It looked like a giant jigsaw puzzle, and the real problem is that I didn't know what the heck most of that stuff was. So I dutifully attempted to memorize this massive chart. I managed to pass the exam, but I wondered what all that effort had really been for. It's not like you sit around in a server room or wiring closet and discuss the OSI model. As a CCNA candidate, you don't have to worry about all the protocols I memorized way back when, but you do have to know what happens at each layer. Which leads to this question: "If I work with routers and switches, why do I have to know about all the other layers? Don't routers and switches just work at layer 2 and 3?" Yes, switches work at Layer 2 and routers at Layer 3. But to truly understand networking, you've got to understand what happens at the other layers. Why? Most network administrators and engineers are going to spend a lot more time troubleshooting than installing. That's just the way it is. And to troubleshoot effectively, you've got to know what's going on at all layers of the OSI model, not just layers 2 and 3. As someone who's done a lot of hiring and conducted a great many job interviews, I can tell you that the ability to troubleshoot is the number one quality I look for. That's why I tell CCNA and CCNP candidates that they've got to get all the hands-on practice they can; while I understand the importance of theory, the only way to develop troubleshooting ability is to work on the real deal. No simulator program is going to teach you how to troubleshoot. Additionally, the only way to truly develop your troubleshooting abilities is to know what's going on over the entire network, not just the routers and switches. Troubleshooting always starts at Layer 1; if you don't find a problem at the Physical layer, and everything's fine with your routers and switches, how are you going to continue troubleshooting if you don't know what the next steps are as data moves closer to the end user? So when it comes to the OSI model, don't just give it a quick once-over and move on to the fun stuff in your CCNA studies. The tangible benefit of passing your exams is great, but it's the hidden benefit of developing your own troubleshooting methodology that makes mastering the OSI model worthwhile.
Subscribe to:
Comments (Atom)
