Troubleshooting the Physical Layer and Connectivity Issues | NETSCOUT

Troubleshooting the Physical Layer and Connectivity Issues

In today’s modern networks the end user network performance drives all things network troubleshooting. The most common issues end users complain about are “I can’t connect” and “the network is slow”. Slow networks can be caused by the application, the server or the network. A slow network problem can be caused anywhere between the application or service server and the user. However, there are a number of issues at the physical layer and during the connectivity process that can cause the network to appear to run slow.

Here are 4 quick issues to check, before escalating and diving into a deeper troubleshooting with packet captures and analysis.


1. Verify a good cable connection

A wire map test is intended to verify pin-to-pin termination at each end of a link or patch cable and check for installation connectivity errors. For each of the 8 conductors in the cabling, the wire map indicates you should check for:

  • Shorts between any two or more conductors
  • Reversed pairs
  • Transposed or crossed pairs
  • Split pairs
  • Distance to open on shield
  • Any other miss-wiring


  • These issues are likely to be the most common problems since the patch cords at either end of a link can be damaged or easily swapped to a bad patch cord without realizing something is wrong.

    It is important to note that 10 or 100BASE-T uses only two of the four pairs, 1, 2, 3 and 6 for transmit and receive. While 1000BASE-T and 10GBASE-T uses all four pairs bi-directionally to transmit and receive. Check for cable connection on the 4, 5, 7 and 8 pairs when re-using old patch cord or wiring to support 1G/10G Ethernet networks.


    2. Confirm the Twist Ratio (Noise and crosstalk cancellation)

    Considering all the survey data and key takeaways, we’ve concluded that given the critical nature of WLAN to business transformation and the significant challenges Network Ops face in managing them, standardized processes and checklists would make network engineers’ jobs easier while improving network performance.

  • Noise - extraneous inductance, capacitance, and electromagnetic signals from the outside world.
  • Crosstalk - when wires are laid side-by-side, the actual data traveling through them causes tiny external electromagnetic signals that work their way into the adjacent wire. This is called crosstalk.
  • These unwanted high-frequency have an equal effect on both wires in the same direction (polarity). It was found that by twisting the wires together, the electro-magnetic polarity of the unwanted signals is skewed as the wire bends and twists. This has a canceling effect. The more twists per inch of wire, the better the cancellation effect!

    Example of poor twist ratio, likely to result in crosstalk on the wire.

    Example of good twist ratio, no risk of crosstalk on the wire due to term




    3. Validate DHCP Service

    Two of the most basic and critical services on the network are DHCP and DNS. The Dynamic Host Configuration Protocol (DHCP) provides the end device with the addressing information required to communicate on the network and the Domain Name System (DNS) resolves names to IP addresses. If either of these two services stops working or provides inaccurate information, things come to a halt. What can go wrong with DHCP? One of the most common problems is rogue DHCP servers. This occurs when someone connects a router with a DHCP server to the network. This can be a very difficult one to troubleshoot, since it requires tracking down the offending device. This may include tracing cables to unmarked switches, and logging into the switch to determine the location of the device.

    By performing a validation test at the time of installation, any problems with these services can be resolved before the end device is connected. To test that the DCHP and DNS is working correctly, you will have to initiate the DHCP process with a broadcast message to discover the DHCP servers in the broadcast domain. Normally there should be only one DHCP server in the broadcast domain. It responds with an IP address and lease, and provides other information such as the subnet mask, and the IP address of the default gateway and DNS server.

    Here is some information that may be provided when validating DHCP connectivity

  • Server IP address and name of the DHCP server obtained in the discovery process.
  • Offer is the offered address accepted.
  • Total Time is the total amount of time consumed by the DHCP discover, offer, request, and acknowledge process.
  • Subnet Mask is the mask of the local IP address sent from the DHCP server.
  • Subnet ID is the combination of the subnet mask and the offered IP address (shown in CIDR notation).
  • Lease Time is the amount of time that the IP address is valid.
  • Expires is the accepted time plus the lease duration.
  • Relay Agent If a BOOTP DHCP relay agent is present, this shows its IP address. The relay agent relays DHCP messages between DHCP clients and DHCP servers on different IP networks.
  • Offer 2 If a second address has been offered by a backup DHCP server, it can be shown.
  • MAC Address The MAC address of the DHCP server.

  • 4. Test the DNS

    DNS (Domain Name System) is a system used by Ethernet TCP/IP networks for naming computers and network services. DNS is able to locate computers and services using friendly names rather than an IP address by resolving the name to an IP address that is associated with the name.

    DNS is used in-conjunction with a Domain name. Domain names can have one or more IP addresses i.e. google.com represented by a number of IP addresses. The DNS process takes seconds or fractions of a second. If the Domain name is initially resolved by the local Resolver server it could only take mille seconds (mS).

    Here is some information that may be provided when performing a DNS test.

  • DNS Lookup is the time it took to receive the address after the lookup request was sent.
  • Resolved IP addresses
  • Primary and secondary DNS servers.
  •