1z0-821 Oracle Solaris 11 System Administration – Administering a Physical Network Part 3

  • By
  • February 19, 2023
0 Comment

7. Verify Network Operation

All right, now let’s talk about verifying network operation. Now there are several different ways we can verify that our network is working correctly, but probably one of the most obvious is to simply ask the users. Now that may seem a little bit silly, but really that’s one of the best ways is to get feedback from your users on what’s working and what may not be. If you’re troubleshooting a network, this is probably one of the first ways you’ll find doubt that a network isn’t working it’s from your users. But by and large, if they can access their resources, if they can access shared resources in particular, especially on your network, and if they can access different network based applications such as email, the web, and the Internet, then you can pretty much be assured that the network is in fact working. But that may be not necessarily what we’re after here. What we may want to know and what we want to verify is certain aspects of the network, like configuration settings, for example. Everything works, but we kind of want to see how it’s configured and make sure it’s configured the way we think it is.

Several of the commands that we’ll talk about, several of the ways to verify the network operation are also used in troubleshooting. So you may see this again in a little bit when we talk about troubleshooting network issues. Now, there are several commands we can use that are built into Solaris Eleven. Some of those are actually older commands that we’ve used in Linux and Unix and even Windows for a while. Some of these things are like ping and trace route and if config, things that can give you general information about your network connection and give you information about the network out there, whether a host is up or not, whether the network is functioning, and so forth. Other commands are kind of specific to Solaris Eleven. Things like the AP adm and the Net adm commands are definitely. So let’s go ahead and take a few minutes and go through each of these commands and just kind of see how you would use them to verify that your network is working both the way you think it is and that it’s configured the way you think it is.

We’re in our command shell here, and one of the first things I want to do is go ahead and show you if config, and we’re going to do an if config on net zero. And the reason I want to do that is I want to show you that it can tell you a lot of things about how the network is running. It can tell you whether the interface is up, as you can see from the up indicator that it’s using DHCP, that it’s an IPV four network, and so forth. You can get its IP address there, the 100 215 and its broadcast address. And if you know how to do subletting with its broadcast address. You can kind of tell what network range it’s on, what kind of subnet it has. In this case it has a 24 bit subnet mask. Now, one of the things we may want to do is confirm what its default gateway is, and there’s several different ways you can do that as well. Let’s take a really simple way and do a Netstat R. And these are the gateways that are configured on the computer. The default there is 100 two.

That’s our default gateway. And one of the things we can do to confirm connectivity is actually ping that gateway. So let’s go ahead and use a ping command and we get something that says 100 two is alive. Well, if you’re used to using Linux and Unix and even Windows, you know that that’s not what normally comes back with a ping command. Normally you get a response of four ICMP replies with Windows, or an infinite number with Linux or Unix. Well, Solaris Eleven kind of simplifies this for you and just comes back and says it’s alive, it’s up. There’s no need to repeat all the ICMP replies. You can get ping to do that of course. But why?

The next thing you could do is actually look at different aspects of your network configuration. You could look at the NCPS for example, using Net adm list, and that kind of tells you which network configuration profiles are loaded, which have been configured and which are online at the moment. And right now we see that the automatic one is which is a reactive one. It’s online. We have one default fixed obviously, which is disabled. So that gives us a little bit of configuration information about the network. The other thing we can do is use the ipadm command. And there’s a couple of things we may want to look at. We can first look at Showaddr and that gives us actually information about the IP addressing scheme for our network interface. In this case we see both IP version four and IP version six addresses for our local loopback address and our Net zero interface.

We can also do something called Show. If prop with ipadm, it’ll show us some more things about the interface itself, probably more than we wanted to know. There’s actually a lot of things that will show you. Now all of this serves to just give you information about the network interfaces themselves, how they’re configured, and that they are in fact up and running. Now you could also do things like a DNS lookup if you wanted to. You could also do a trace route. Trace route could take a little bit of time. It doesn’t always return accurate information simply because some stations along the way, particularly state routers and firewalls and so forth, may block ICMP.

So you may not get any replies back, but a trace route can follow the link all the way back to the destination. That you’re trying to get to, such as www. oracle. com or Vtc. com, for example. But you may not get a lot of information back if devices along the way block ICMP, but it is somewhat useful. So these are just a few of the commands you can use to verify network operations. And when we say verify, we’re looking at a, doesn’t work, and b, does it work the way we think it works? Those are the two things you’re really looking at. Some of these commands, again, are also used in troubleshooting, so you will see them again. We’ll talk about them again when it’s time. Okay, let’s move on to a different topic.

8. Determine Datalink Availability

In our discussions on networking with Solaris Eleven, we’ve kind of stumbled across the term datalink occasionally and we’ve also occasionally mentioned the Dladm command. It’s kind of time to explain this a little bit and let you know what a datalink is and what Dladm does. Now, datalinks can be a little bit difficult to understand because they aren’t really field or virtual. They’re actually links that you can create and manage that are between network interfaces and physical network cards. Now we know that network interfaces such as Net Zero are logical and they can be mapped to physical hardware, which is a network card in several different ways. You can bridge them, you can aggregate them, you can manage multi home hosts, you can manage VLANs and even wireless connections with the Dladm command. And that’s what actually manages data links as Dladm.

We’ve mentioned that a few times already. Now, what we’d like to do now is go to Solaris Eleven and I can kind of show you a few things that deal adm does and explain it a little bit better. And what we’ll do is we’ll go ahead and take a look at that right now. Okay, we’re in Solaris Eleven here and there’s actually no GUI way to manage data links, at least not yet. There may be in a future version of Solaris. So we have to manage these at the command line interface and again we’re going to use the Dladm command for that. So we’re going to go ahead and type in Dladm help. And you can see that there’s a lot of different options for Dladm and a lot of switches and so forth that we can use. We can bridge links, we can also aggregate them.

Now, aggregating them means that we take several network cards, put them together and make one logical connection out of them. We might do this if we’re on the same subnet to increase our bandwidth to show applications one logical network card that connects to the network or for various other reasons. Again, we can bridge them. We can also create VLANs and work with Virtual Nix and WiFi with this command as well. Now, some of the things that we can do, we can add or create structures such as bridges and aggregates and so forth. We can also modify them and manage them and we can also delete them. We can get rid of them when they no longer serve our purposes. We can also show information about them. In fact, let’s go ahead and show some information about the different network interfaces and hardware cards that we have on our system here, like Dladm show physical. And what you can see is our network interface, which is our link itself actually, which is named Net Zero. And the media is Ethernet. The state is up. That means the network card is up, speed is gigabit duplex is full and the device is the E Gigabit G ethernet card with zero instance, and you could see different instances on these. You could see like a g one, g two, and so forth, depending upon how many instances you have defined for that particular hardware card, and you can have many of them. Now, the Dladm command can also show you different things about usage and so forth.

It can show you the link properties, it can also set properties and so forth. A lot of this may seem like a foreign language to you, but after time, when you realize how helpful these links can be, how you can actually create and manage these links in all kinds of different ways, it’ll help you manage your network connections a little bit better with Solaris Eleven. And unfortunately, the only real way to understand it is to get in and do it, to play with them. And it really depends on how your network is set up too. There may be instances where you need link aggregation or you need bridges, or you need to create a VLAN on a Solaris Eleven box. So during these instances, this would be helpful to understand the deal adm command and how it works.

Now, obviously for the exam, you need to know the very basics about it, although this topic is probably a little bit more of an advanced topic than a lot of people get into even for the exam. So for the exam, I would understand what basically a data link is, what command manages it, and some of the options that you have that can go with it. Now, if you also combine this with the ipadm command and the net Adm command and the if config command, then you have a whole toolbox available to you to manage every aspect of your networking on Solaris Eleven. That includes managing and creating interfaces. That means managing the network configuration policies and the logical data links that go with all of these.

So all these combined and you can actually do some pretty powerful stuff with networking on Solaris Eleven. So we have the Dladm command that we’ve shown you, take some time, practice with it, set up some links, create them, destroy them, and so forth. You can’t really hurt anything, and if you do, you can always undo everything and reboot, or if you have to reinstall something, sometimes that’s the only option. But you shouldn’t be able to hurt anything by playing with the Dladm command.

9. Troubleshoot Network Issues

Now that we’ve talked about several aspects of networking in general and Solaris Eleven networking specifically. Let’s talk about what to do when things go wrong. In other words, troubleshooting network issues. Now, issues with the networking come in many different forms, shapes and sizes. It can range from absolutely no connectivity to limited connectivity to a certain resource. Now, along that spectrum, you have no connectivity at all, either by host or by the entire network. And sometimes that can be difficult to troubleshoot. But that’s typically a physical problem. If there’s no connectivity at all, that could be a bad cable or something. What may be more difficult to troubleshoot is intermittent or bad connectivity. Maybe it’s up for a few minutes and then it goes away and you don’t have connectivity for a couple of minutes. That can be hard to troubleshoot because it’s not absolutely one way or another somewhere in the middle. Another issue can be loss of connectivity or intermittent connectivity to a particular resource, like a shared file or a particular host. Usually if that happens, it’s easier to narrow down because then you start troubleshooting on the host or the resource end. You can also have application connectivity where everything else works.

But maybe the users can’t get to just email or just the web server or just a shared folder. So again, it really depends on what the issue is as to how you start troubleshooting it. Another thing that can throw a wrench in the mix is whether it affects one user or many users. If it affects one user, obviously you might start troubleshooting on their host. If it affects many users, you might start troubleshooting at the resource level. Now, one of the things a lot of technicians do right out of the gate is go and start trying to run a bunch of commands on a box to try to troubleshoot the problem. That’s not always the best way to approach it. Usually troubleshooting begins with simply asking questions. Some of the questions you may want to ask will help you narrow down where you have to start looking and what you have to start doing. The first question you might ask is who does it affect?

Is it one particular user or is it many users? That will help you decide whether to start troubleshooting at one person’s computer or more broadly on the network, say at the network resource level, or a switch or a router. You also want to know what the scope of the issue is. Is it one particular problem or is it many problems? Is it one host or many hosts? Another thing you might want to ask is what’s changed recently on the host or the network? Sometimes problems just don’t crop up. Things cause them to crop up. Maybe a configuration change on the host, or maybe a new switch on the network. So those are things you have to ask and know in order to start troubleshooting properly. You also need to find out is this a physical connection issue?

And typically you might be able to answer that. If the problem is no connectivity whatsoever, that might be an easy way to approach it. If it’s intermittent. On the other hand, you might want to start going and checking your cabling. Obviously, that’s the simplest thing to check, one of the easiest things to check, so you might start there first. It’s easy to tell whether someone’s kicked a cable out of a server or a host, or if a switch has become unplugged from its power and things like that. So you might want to check that. And then if it gets to be a little bit more difficult, once you rule that out, maybe you test the cable or replace the cable. Then you can start looking at more complex issues. For example, it also could be a security issue. Maybe someone doesn’t have the right permissions to a resource, or the right rights and privileges to do something that they think they are supposed to be able to do. You also have to go and look and see if it’s a network services issue, for example, if everything else seems to work but everybody can’t get to a particular web server that might speak to a DNS issue, or if everyone’s having limited connectivity or intermittent connectivity that might speak to a DHCP problem. So look and see if it’s a network services issue as well.

Now, there are several ways to troubleshoot network issues. First of all, you start with the easiest verify the physical connectivity. Is the box plugged up? Is there a cable running into the network interface? And is that cable connected somewhere else, say to a switch or even another host? You would check those physical connections first to make sure the cable is good and so forth, and whatever you’re plugged into is powered up. You also might verify connectivity to your default gateway. A good way to do that is to run the ping command and ping your default gateway, and if you can connect to it, then the problem typically lies beyond that and not necessarily on the host. You also might want to verify your network services are working correctly. Verify that DNS is working, and verify that DHCP is working. Interview more than one person who’s having the problem. Also check and see if people who aren’t having the problem, how they’re configured and what they’re getting.

Also verify application connectivity. If people are having issues with email, verify that their email client is working properly. Or if it’s a lot of different people, verify that the email server is up and running properly. And last but not least, you can also run some troubleshooting commands. Now, we’ve covered some of these commands a little bit earlier when we talked about verifying network operation, and they’re very useful commands to verify troubleshooting operations with as well. You can use a ping command to verify connectivity between one host and another, and if you don’t get a reply back, then you can go start troubleshooting to see why.

You may run the trace route command between two hosts to see what the intermediate hops are along the way. If you’re running it over the internet, though, you may not get good data back because ICMP may be blocked along the way. There’s also the if config commands and the ipadm and net adm commands, and you would use those to verify the interfaces themselves and your network configuration policies. The Dladm command can be used to verify that data links are configured and working properly. Also, some other things you can do is look at other application or service specific commands such as DNS Lookup or commands that are involved in troubleshooting email or DHCP. Those will be good things to do to troubleshoot. Connection Issues all in all, these issues aren’t difficult to troubleshoot. You just have to know where to start and what you’re trying to troubleshoot.

10. For the Exam

Now it’s time to talk about what we should start studying for the exam and what we should know for it. We’ve covered pretty much everything you need to know for the basic objectives that the FCA requires. But again, you should actually practice a lot on these things and get to know the commands and the processes and the procedures intimately in order to be adequately prepared for the exam. If you have a weakness or lack of knowledge in network areas, you might want to go and study some up on networking on the basics of the OSI model, TCP, IP and so forth. That would help a lot if you don’t have a good understanding of it. However, the OCA exam is not about networking, it’s about Solaris Eleven. So we have to explain a few things in order to get you going toward the Solaris Eleven networking concepts. Some of the things we’ve talked about and some of the things you need to be familiar with are the basic networking concepts such as the IP configuration, the things you need to make a connection with the IP address, subnet, mask, default gateway, and so forth, and network services such as DNS and DACP. Again, you don’t need to know how to configure these for a server, but you do need to know how they interact with the client. We also looked at Solaris Eleven unique networking concepts, mainly the network configuration profiles or NCPS, and we know that there are fixed and reactive, and reactive makes changes according to the configuration of the network.

There’s two network configuration profiles that are set up automatically the automatic one, which is a reactive one, and the default fixed. You can only have one default fixed, but you can have several reactive ones. We also looked at configuring a network interface and we looked at a few different commands to do that with. The if config command, which is a little bit older and some of its functionality is deprecated. On Solaris Eleven, primarily you want to use the ipadm and Net adm commands to configure issues with the network interfaces.

We also looked at how to administer network interfaces, and again, we use some of the same commands that we talked about earlier ipadm, Net adm, and we also took a good look at the network GUI that’s available to you on the Solaris Eleven desktop. Some of the things you might want to configure in addition to the interface are locations which may have location and connection, specific information you may have to have for a network connection, and also the profiles themselves, the NCPS. Now through the GUI you can configure the automatic NCP, which is a reactive one, and you can also add other reactive NCPS, the fixed NCP, which has the name default fixed. You can only change in the ipadm and Net adm and deal adm commands.
We also looked at verifying network operations, and basically we used a few commands just to make sure that not only does your network work, but it works the way you think it works, and it’s configured the way you think it is. And there are several commands that we talked about that you could use, and there may be other ones out there as well. Ping, Tracer, ipadm, Net, Adm those were some of the commands we’ve talked about and showed you how to use just to verify that your network is configured properly. We also looked at data link availability, how to configure it, and determine different aspects about it. Primarily, we used the Dladm command for that.

And then finally we looked at network issues and how to troubleshoot them, things that could go wrong, how they might manifest themselves, and what you need to do. And we talked about how the first thing you need to do is not necessarily go and run a bunch of commands, but it’s asking questions. And we do that in order to determine the problem and the scope, who it affects, exactly what part of the network it’s affecting, whether it’s a host or a resource. And we ask questions to narrow down possibilities so that we can find out exactly what the problem is. Is it an application or service? Is it a particular server? Is it a host? Which group of people does it affect? Is it one person or many? And then we talked about using commands to troubleshoot when necessary. And these are some of the same commands we’ve talked about when we verify the network operation, such as ping, tracer, ipadm, Net, adm, and so forth. There also may be other application specific or service specific commands we may use to troubleshoot some of these issues. So all these things you probably need to know for the exam, and some of these things may be unfamiliar to you, but the biggest recommendation I could give you is to, of course, practice on Solaris Eleven, install your machine, and practice some of these commands. Practice creating NCPS, practice configuring the network interfaces, practice troubleshooting, maybe change a setting and see how it reacts on the network and go and change it back to fix it. So there are different things you can use to study for the exam.

Obviously, use the VTC course. I would also look at the online Oracle documentation that’s available to you because it can give you a lot of good information. There’s two really good publications that Oracle has on Solaris Eleven networking. One is an introductory publication, and one talks about configuring the network on Solaris Eleven. But the best thing you can do pretty much is to practice using the commands and connecting Solaris Eleven to a network. And you can do that whether it’s in a virtual machine or a physical box. So practice with the network connections, configuring the interfaces, introducing issues into the network connections train on NCPS and how to configure them, and you’ll be ready for the test.

Comments
* The most recent comment are at the top

Interesting posts

The Growing Demand for IT Certifications in the Fintech Industry

The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »

CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared

In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »

The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?

If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »

SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification

As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »

CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?

The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »

Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?

The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »

img