Using sniffer experts to analyze routing loops in the Network

Source: Internet
Author: User
Using sniffer experts to analyze routing loops in the Network
Sniffer expert analysis system is one of the intelligent analysis systems provided by sniffer, he can intelligently analyze the data streams in the network to provide Intelligent Analysis of all objects in the network from the data link layer to the application layer, and through this intelligent analysis, he can automatically detect problems at all layers of the network, help technicians analyze and solve problems quickly and effectively.
If a routing loop appears in your network and the traffic is captured using sniffer, the sniffer expert analysis system will prompt you as follows.
1. TCP bouncing frames or UDP bouncing frames at the transport layer
[Attach] 76 [/Attach]
When TCP or UDP data packets with the same ip id appear continuously in the network, the sniffer Expert System will prompt this alarm. This traffic characteristic is generally caused by a route error. The same data packet sent to the target host keeps appearing in the network, and the target host is generally inaccessible. Check whether the route settings of the target host are correct.

2. Time-to-live expiring alarms at the network layer
[Attach] 77 [/Attach]
When the TTL value of the packet in the network is reduced to 1, the sniffer expert system will generate this alarm. After the TTL value of the IP packet is reduced to 1, it will be discarded by the router, the TTL value of a normally transmitted IP packet will not be reduced to the point where it is discarded by the router during transmission. Generally, when the TTL value is reduced to 1, it indicates that there may be Routing Problems in your local network. As a result, IP packets are continuously forwarded between routers until the TTL value is reduced to 1. However, some packages are excluded, mainly because some route multicast packets (the initial TTL value is 1, not diffuse) or some P2P applications set the initial TTL value to a low value to avoid excessive data transmission.
Check the configuration of the destination address routing of these data packets in the vro.
[Attach] 78 [/Attach]

3. time-to-live exceeded in transmit alert at the network layer
[Attach] 79 [/Attach]
when the router processes a packet whose TTL value is reduced to 1, the packet is discarded and the ICMP packet is sent to the host that sends the packet, notifying the sender that the packet is lost during transmission, this is generally because the destination address of the IP packet sent by the sender is faulty and the route is not local. Check the route settings on the router that sends the ICMP packet. This alarm allows technicians to detect remote network routing problems through an expert system.
[Attach] 80 [/Attach]
tracert can be used to check whether a route is faulty after an alarm is detected.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.