3.2 End-Device Network Issue Diagnosis
Diagnose end-device network issues, such as issues with a default gateway, local network, DNS server, proxy, VPN gateway, wireless, and real-time streaming using collected data
Maintaining a reliable and secure network requires diagnosing network issues on traditional end-devices, such as computers and smartphones. ENNA v1.0 exam emphasizes the endpoint agent, its capabilities, metrics, and troubleshooting techniques to identify and resolve network problems impacting applications from the end-user's perspective. These issues can affect users working from various locations, including the office and home. While IP-connected devices such as sensors, cameras, and IoT devices are not within the current scope (v1.0), they may be included in future versions of the exam.
Key Concepts
Diagnosing End-Device Network Issues
This section focuses on analyzing data to troubleshoot network problems originating from end devices. We'll cover how to leverage information from ThousandEyes Endpoint Agents to identify and resolve these issues.
We can categorize the issues into three main areas:
- Local network problems
- Web performance problems
- Broader network problems (beyond the local network)
Local Network Problems
Local networks can be problematic for anyone, but especially for remote workers. Endpoint Agents provide a unique perspective into the network conditions experienced by remote workers and devices.
They gather crucial data, including:
- ICMP ping and traceroute information to network elements (proxies, VPNs, gateways) over the past 24 hours.
- Network profiles capturing connection details.
Data is collected in focused bursts every 5 minutes.
Potential Causes:
- Gateway malfunctions
- Bandwidth limitations
- Endpoint performance bottlenecks (CPU, memory)
- Poor Wi-Fi signal strength
- General Wi-Fi connectivity problems
Troubleshooting:
- Verify endpoint network settings
- Examine network interface details (speed, errors)
- Use network diagnostic tools (ping, traceroute) within ThousandEyes to gain historical context and path visualization
- Analyze logs and error messages from end devices to identify errors, configuration problems, or hardware failures
Web Performance Issues
Potential Causes:
- Browser cache/cookie issues
- Web application errors or outages
- API limitations or failures
- DNS server problems
Troubleshooting:
- Within ThousandEyes, correlate web performance metrics with underlying network conditions
- Analyze HTTP error messages for clues
- Clear browser cache and cookies, and verify firewall/proxy configurations
Broader Network Problems (Beyond the Local Network)
Potential Causes:
- ISP outages
- Network congestion
- Physical infrastructure issues (fiber cuts, power outages)
- DNS server problems
- Routing anomalies
Troubleshooting:
- In ThousandEyes, pinpoint the time the issue began
- Use the network visualization to isolate problematic nodes by filtering for an affected agent
- Differentiate between end-to-end packet loss (at the agent) and forwarding loss occurring along the network path
ThousandEyes Endpoint Agent Metrics
Familiarize yourself with the metrics collected by ThousandEyes Endpoint Agents. This knowledge is essential for:
- Problem Context: Understanding the type and scope of data collected helps you interpret the situation.
- Root Cause Identification: By correlating metrics across different layers (e.g., HTTP response time against network latency), you can pinpoint whether the issue stems from the network, application, or endpoint itself.
- Troubleshooting Remote Workers: Determine if a remote worker's issues are due to local network congestion, Wi-Fi signal strength, device resource constraints, or problems with the ISP or wider internet.
The table below provides an overview of the metrics and views available for data collected by Endpoint Agents.
Table 1: Endpoint Agent Metrics
Metric Type | Description | Relevant Views |
---|---|---|
Network | Packet loss, latency, jitter, connection failures | Real User Tests, Scheduled Tests, Dynamic Tests |
System | CPU load, memory usage | Local Networks, Real User Tests, Scheduled Tests, Dynamic Tests |
VPN | VPN loss, VPN latency | Local Networks, Real User Tests, Scheduled Tests, Dynamic Tests |
DNS | DNS server loss, DNS server latency, domain resolution time | Local Networks |
Gateway | Gateway loss, gateway latency | Local Networks |
Proxy | Proxy loss, proxy latency | Local Networks |
Wireless | Signal quality, throughput, retransmission rate, roaming events, channel swap events | Local Networks |
HTTP | Availability, response time, throughput | Scheduled Tests |
Refer to our official product documentation for a more detailed breakdown: Data Collected by Endpoint Agent
Additional things to note
-
Test Capabilities: Know the types of tests Endpoint Agents can perform and their limitations.
-
Test Prioritization: Understand how to prioritize tests, especially in resource-constrained environments.
-
Authentication and Security: Be comfortable configuring HTTP authentication and SSL verification settings for tests.
-
Network Visualization: Become proficient in interpreting the symbols and data displayed in ThousandEyes' network visualization views.
Resources
- Troubleshooting Endpoint Agent issues
- Endpoint Agent Views Reference
- Data Collected by Endpoint Agent
- What is jitter? An article on Meraki portal
- WiFi and LAN Monitoring
- VPN Monitoring
Sample Questions
3.2 Question 1
Refer to the exhibits. The endpoint has the following IP credentials:
192.168.100.9/24, DNS: 8.8.8.8,8.8.4.4, GW: 192.168.100.1
Based on the views presented in the exhibits, what led to the error occurring on
Sun, May 5 23:27 GMT +2
?
- A) The test target stopped responding.
- B) The FQDN of the test target is non-existent.
- C) The DNS servers assigned to the endpoint are unreachable.
- D) The DNS settings on the endpoint are incorrect.
3.2 Question 2
The Endpoint stopped appearing online after it was moved to another network.
The customer reviewed the endpoint logs but did not identify anything suspicious.
The customer also confirmed that the endpoint was online on the old network, and the new network is fully operational. Other endpoints that were moved to the new network are also online. Since the new network is small, the admin is using static IP assignment.
What is the best way to bring the endpoint online?
- A) It may be an issue with the lack of space in the new network. The endpoint should be moved back to the old network.
- B) The endpoint agent should be reinstalled to come online. This always helps.
- C) The endpoint will automatically come online in 10-15 minutes, no action is needed.
- D) Endpoint IP settings must be checked along with connectivity to c1.eb.thousandeyes.com.