Skip to content

3.2 End-Device Network Issue Diagnosis

Diagnose end-device network issues, such as issues with a default gateway, local network, DNS server, proxy, VPN gateway, wireless, and real-time streaming using collected data

Maintaining a reliable and secure network requires diagnosing network issues on traditional end-devices, such as computers and smartphones. ENNA v1.0 exam emphasizes the endpoint agent, its capabilities, metrics, and troubleshooting techniques to identify and resolve network problems impacting applications from the end-user's perspective. These issues can affect users working from various locations, including the office and home. While IP-connected devices such as sensors, cameras, and IoT devices are not within the current scope (v1.0), they may be included in future versions of the exam.

Key Concepts

Diagnosing End-Device Network Issues

This section focuses on analyzing data to troubleshoot network problems originating from end devices. We'll cover how to leverage information from ThousandEyes Endpoint Agents to identify and resolve these issues.

We can categorize the issues into three main areas:

  1. Local network problems
  2. Web performance problems
  3. Broader network problems (beyond the local network)

Local Network Problems

Local networks can be problematic for anyone, but especially for remote workers. Endpoint Agents provide a unique perspective into the network conditions experienced by remote workers and devices.

They gather crucial data, including:

  • ICMP ping and traceroute information to network elements (proxies, VPNs, gateways) over the past 24 hours.
  • Network profiles capturing connection details.

Data is collected in focused bursts every 5 minutes.

Potential Causes:

  • Gateway malfunctions
  • Bandwidth limitations
  • Endpoint performance bottlenecks (CPU, memory)
  • Poor Wi-Fi signal strength
  • General Wi-Fi connectivity problems

Troubleshooting:

  • Verify endpoint network settings
  • Examine network interface details (speed, errors)
  • Use network diagnostic tools (ping, traceroute) within ThousandEyes to gain historical context and path visualization
  • Analyze logs and error messages from end devices to identify errors, configuration problems, or hardware failures

Web Performance Issues

Potential Causes:

  • Browser cache/cookie issues
  • Web application errors or outages
  • API limitations or failures
  • DNS server problems

Troubleshooting:

  • Within ThousandEyes, correlate web performance metrics with underlying network conditions
  • Analyze HTTP error messages for clues
  • Clear browser cache and cookies, and verify firewall/proxy configurations

Broader Network Problems (Beyond the Local Network)

Potential Causes:

  • ISP outages
  • Network congestion
  • Physical infrastructure issues (fiber cuts, power outages)
  • DNS server problems
  • Routing anomalies

Troubleshooting:

  • In ThousandEyes, pinpoint the time the issue began
  • Use the network visualization to isolate problematic nodes by filtering for an affected agent
  • Differentiate between end-to-end packet loss (at the agent) and forwarding loss occurring along the network path

ThousandEyes Endpoint Agent Metrics

Familiarize yourself with the metrics collected by ThousandEyes Endpoint Agents. This knowledge is essential for:

  • Problem Context: Understanding the type and scope of data collected helps you interpret the situation.
  • Root Cause Identification: By correlating metrics across different layers (e.g., HTTP response time against network latency), you can pinpoint whether the issue stems from the network, application, or endpoint itself.
  • Troubleshooting Remote Workers: Determine if a remote worker's issues are due to local network congestion, Wi-Fi signal strength, device resource constraints, or problems with the ISP or wider internet.

The table below provides an overview of the metrics and views available for data collected by Endpoint Agents.

Table 1: Endpoint Agent Metrics
Metric Type Description Relevant Views
Network Packet loss, latency, jitter, connection failures Real User Tests, Scheduled Tests, Dynamic Tests
System CPU load, memory usage Local Networks, Real User Tests, Scheduled Tests, Dynamic Tests
VPN VPN loss, VPN latency Local Networks, Real User Tests, Scheduled Tests, Dynamic Tests
DNS DNS server loss, DNS server latency, domain resolution time Local Networks
Gateway Gateway loss, gateway latency Local Networks
Proxy Proxy loss, proxy latency Local Networks
Wireless Signal quality, throughput, retransmission rate, roaming events, channel swap events Local Networks
HTTP Availability, response time, throughput Scheduled Tests

Refer to our official product documentation for a more detailed breakdown: Data Collected by Endpoint Agent

Additional things to note

  • Test Capabilities: Know the types of tests Endpoint Agents can perform and their limitations.

  • Test Prioritization: Understand how to prioritize tests, especially in resource-constrained environments.

  • Authentication and Security: Be comfortable configuring HTTP authentication and SSL verification settings for tests.

  • Network Visualization: Become proficient in interpreting the symbols and data displayed in ThousandEyes' network visualization views.

Resources

Sample Questions

3.2 Question 1

Refer to the exhibits. The endpoint has the following IP credentials:

192.168.100.9/24, DNS: 8.8.8.8,8.8.4.4, GW: 192.168.100.1

Based on the views presented in the exhibits, what led to the error occurring on Sun, May 5 23:27 GMT +2?

Exhibit 3.2-1

Exhibit 3.2-1

Exhibit 3.2-2

Exhibit 3.2-2

Exhibit 3.2-3

Exhibit 3.2-3

Exhibit 3.2-4

Exhibit 3.2-4
  • A) The test target stopped responding.
  • B) The FQDN of the test target is non-existent.
  • C) The DNS servers assigned to the endpoint are unreachable.
  • D) The DNS settings on the endpoint are incorrect.

3.2 Question 2

The Endpoint stopped appearing online after it was moved to another network.

Exhibit 3.2-5

Exhibit 3.2-5

The customer reviewed the endpoint logs but did not identify anything suspicious.

Exhibit 3.2-6

Exhibit 3.2-6

The customer also confirmed that the endpoint was online on the old network, and the new network is fully operational. Other endpoints that were moved to the new network are also online. Since the new network is small, the admin is using static IP assignment.

What is the best way to bring the endpoint online?

  • A) It may be an issue with the lack of space in the new network. The endpoint should be moved back to the old network.
  • B) The endpoint agent should be reinstalled to come online. This always helps.
  • C) The endpoint will automatically come online in 10-15 minutes, no action is needed.
  • D) Endpoint IP settings must be checked along with connectivity to c1.eb.thousandeyes.com.