WEBVTT 1 00:00:00.110 --> 00:00:01.260 In this lesson, 2 00:00:01.260 --> 00:00:03.900 we will learn about network errors. 3 00:00:03.900 --> 00:00:05.670 Network errors are issues 4 00:00:05.670 --> 00:00:09.510 that disrupt the normal flow of data across a network. 5 00:00:09.510 --> 00:00:11.460 Network errors often occur 6 00:00:11.460 --> 00:00:16.080 due to faults in configuration, hardware, or software. 7 00:00:16.080 --> 00:00:19.410 Network error source types include switching errors, 8 00:00:19.410 --> 00:00:20.490 routing errors, 9 00:00:20.490 --> 00:00:23.910 as well as a virtual private network, or VPN, 10 00:00:23.910 --> 00:00:25.650 and tunnel errors. 11 00:00:25.650 --> 00:00:28.230 Switching errors occur when data packets 12 00:00:28.230 --> 00:00:30.630 are misdirected or dropped. 13 00:00:30.630 --> 00:00:34.560 Routing errors are when incorrect or inefficient paths 14 00:00:34.560 --> 00:00:38.100 are chosen for data transmission across networks. 15 00:00:38.100 --> 00:00:41.280 And finally, VPN and tunnel errors 16 00:00:41.280 --> 00:00:43.080 are failures in establishing 17 00:00:43.080 --> 00:00:47.340 or maintaining secure connections between networks. 18 00:00:47.340 --> 00:00:50.820 Let's learn more about switching errors, routing errors, 19 00:00:50.820 --> 00:00:54.210 as well as VPN and tunnel errors. 20 00:00:54.210 --> 00:00:56.940 First, we have switching errors. 21 00:00:56.940 --> 00:01:00.960 Switching errors occur when data packets are misdirected 22 00:01:00.960 --> 00:01:04.560 or dropped as they move through a network switch. 23 00:01:04.560 --> 00:01:08.610 Switching errors are typically caused by misconfigurations 24 00:01:08.610 --> 00:01:12.690 or hardware issues within the switching infrastructure. 25 00:01:12.690 --> 00:01:15.300 Three of the most common switching errors 26 00:01:15.300 --> 00:01:19.140 include broadcast storms, VLAN mismatch, 27 00:01:19.140 --> 00:01:21.450 and duplex mismatch. 28 00:01:21.450 --> 00:01:23.340 Broadcast storms happen 29 00:01:23.340 --> 00:01:26.100 when there is a layer 2 network loop, 30 00:01:26.100 --> 00:01:30.060 which often occurs due to improper configuration 31 00:01:30.060 --> 00:01:33.450 of the Spanning Tree Protocol, or STP. 32 00:01:33.450 --> 00:01:36.480 STP is designed to prevent loops 33 00:01:36.480 --> 00:01:39.720 by blocking redundant paths in the network. 34 00:01:39.720 --> 00:01:44.720 But if STP is disabled or misconfigured, a loop can form. 35 00:01:45.450 --> 00:01:48.450 This loop causes broadcast packets 36 00:01:48.450 --> 00:01:51.510 to be endlessly forwarded between switches, 37 00:01:51.510 --> 00:01:55.590 flooding the network with traffic and degrading performance. 38 00:01:55.590 --> 00:01:58.440 For example, imagine two switches 39 00:01:58.440 --> 00:02:02.820 connected by multiple links without STP enabled. 40 00:02:02.820 --> 00:02:06.210 A broadcast packet is sent from one switch, 41 00:02:06.210 --> 00:02:09.000 which will be replicated on all paths, 42 00:02:09.000 --> 00:02:12.270 bouncing back and forth indefinitely. 43 00:02:12.270 --> 00:02:17.250 This broadcast storm can cause packet loss, device crashes, 44 00:02:17.250 --> 00:02:19.260 and network downtime 45 00:02:19.260 --> 00:02:24.260 as legitimate traffic gets overwhelmed by excess broadcasts. 46 00:02:24.300 --> 00:02:28.920 Next, VLAN mismatch is another common switching area. 47 00:02:28.920 --> 00:02:32.310 Virtual local area networks, or VLANs, 48 00:02:32.310 --> 00:02:34.170 segment network traffic, 49 00:02:34.170 --> 00:02:38.850 isolating devices within specific broadcast domains. 50 00:02:38.850 --> 00:02:40.830 A VLAN mismatch occurs 51 00:02:40.830 --> 00:02:43.560 when two switches connected by a trunk 52 00:02:43.560 --> 00:02:46.740 are configured with different VLAN settings. 53 00:02:46.740 --> 00:02:51.060 For example, imagine two buildings in an organization 54 00:02:51.060 --> 00:02:53.010 are connected by switches, 55 00:02:53.010 --> 00:02:56.490 and the IT department has set up VLANs 56 00:02:56.490 --> 00:02:58.800 to segment network traffic. 57 00:02:58.800 --> 00:03:01.680 In building one, the switch is configured 58 00:03:01.680 --> 00:03:05.940 to assign all office computers to VLAN 30 59 00:03:05.940 --> 00:03:08.340 for internal communications. 60 00:03:08.340 --> 00:03:12.840 However, in building two, the switch is incorrectly set 61 00:03:12.840 --> 00:03:17.280 to assign the same types of computers to VLAN 40. 62 00:03:17.280 --> 00:03:20.670 Because the VLAN configurations don't match, 63 00:03:20.670 --> 00:03:23.010 the traffic between these two buildings 64 00:03:23.010 --> 00:03:25.470 is dropped or misrouted. 65 00:03:25.470 --> 00:03:29.040 This results in employees in the first building 66 00:03:29.040 --> 00:03:32.310 being unable to access shared resources 67 00:03:32.310 --> 00:03:34.560 like printers or file servers 68 00:03:34.560 --> 00:03:36.690 located in the second building, 69 00:03:36.690 --> 00:03:40.770 even though they are part of the same logical network. 70 00:03:40.770 --> 00:03:45.770 This kind of VLAN mismatch can severely disrupt operations. 71 00:03:46.290 --> 00:03:50.550 Finally, duplex mismatch is the last switching error 72 00:03:50.550 --> 00:03:51.990 we will discuss. 73 00:03:51.990 --> 00:03:56.310 Duplex mismatch occurs when two ends of a network link 74 00:03:56.310 --> 00:03:58.770 have different duplex settings. 75 00:03:58.770 --> 00:04:03.030 Duplex refers to how data flows between devices. 76 00:04:03.030 --> 00:04:05.670 Full duplex allows data to be sent 77 00:04:05.670 --> 00:04:08.160 and received simultaneously, 78 00:04:08.160 --> 00:04:10.740 while half duplex only allows 79 00:04:10.740 --> 00:04:13.860 send or receive at any one time. 80 00:04:13.860 --> 00:04:15.960 A duplex mismatch happens 81 00:04:15.960 --> 00:04:19.980 when one side of a connection is set to full duplex 82 00:04:19.980 --> 00:04:23.340 and the other side is set to half duplex. 83 00:04:23.340 --> 00:04:26.850 This misconfiguration leads to collisions 84 00:04:26.850 --> 00:04:31.590 as the half duplex side tries to control the flow of traffic 85 00:04:31.590 --> 00:04:35.550 while the full duplex side continues sending data. 86 00:04:35.550 --> 00:04:38.460 This can cause severe performance issues 87 00:04:38.460 --> 00:04:41.430 including packet loss, retransmissions, 88 00:04:41.430 --> 00:04:43.320 and network slowdowns. 89 00:04:43.320 --> 00:04:45.540 A practical example of this 90 00:04:45.540 --> 00:04:48.240 would be a server connected to a switch 91 00:04:48.240 --> 00:04:52.080 where the server's network card is set to full duplex, 92 00:04:52.080 --> 00:04:56.010 but the switch port is configured for half duplex. 93 00:04:56.010 --> 00:04:59.310 This mismatch would lead to poor communication 94 00:04:59.310 --> 00:05:02.790 between the server and other devices on the network, 95 00:05:02.790 --> 00:05:05.040 slowing down data transfers 96 00:05:05.040 --> 00:05:06.630 and affecting the performance 97 00:05:06.630 --> 00:05:10.110 of applications relying on this connection. 98 00:05:10.110 --> 00:05:13.050 Second, we have routing errors. 99 00:05:13.050 --> 00:05:17.610 Routing errors occur when incorrect or inefficient paths 100 00:05:17.610 --> 00:05:21.390 are used for data transmission across networks. 101 00:05:21.390 --> 00:05:24.543 Routing errors are typically caused by misconfigurations, 102 00:05:25.800 --> 00:05:30.570 incorrect routing tables, or unstable network conditions. 103 00:05:30.570 --> 00:05:33.330 Three of the most common routing errors 104 00:05:33.330 --> 00:05:37.320 include routing loops, incorrect subnet masks, 105 00:05:37.320 --> 00:05:39.090 and route flapping, 106 00:05:39.090 --> 00:05:42.150 each of which can cause significant disruptions 107 00:05:42.150 --> 00:05:44.100 in network performance. 108 00:05:44.100 --> 00:05:47.130 Routing loops happen when a packet gets stuck 109 00:05:47.130 --> 00:05:50.160 in a continuous cycle between routers 110 00:05:50.160 --> 00:05:53.070 without ever reaching its destination. 111 00:05:53.070 --> 00:05:57.000 This occurs due to misconfigured routing protocols 112 00:05:57.000 --> 00:05:59.550 or improper route advertisements, 113 00:05:59.550 --> 00:06:02.610 which create a loop in the network path. 114 00:06:02.610 --> 00:06:06.330 For example, in a dynamic routing environment, 115 00:06:06.330 --> 00:06:10.290 using a protocol like Routing Information Protocol, 116 00:06:10.290 --> 00:06:14.550 if a router advertises a route back to the original sender 117 00:06:14.550 --> 00:06:18.480 due to an outdated or incorrect routing table entry, 118 00:06:18.480 --> 00:06:22.950 a packet could keep circling between routers indefinitely. 119 00:06:22.950 --> 00:06:26.760 The mechanism that leads to this type of routing loop 120 00:06:26.760 --> 00:06:29.880 is often triggered by slow route convergence 121 00:06:29.880 --> 00:06:34.290 or a delay in propagating updated routing information. 122 00:06:34.290 --> 00:06:37.920 For instance, if a network segment goes down 123 00:06:37.920 --> 00:06:41.880 and a router doesn't yet know that a route is invalid, 124 00:06:41.880 --> 00:06:45.750 it might continue advertising that route to its neighbors. 125 00:06:45.750 --> 00:06:48.720 The neighboring routers, unaware of the failure, 126 00:06:48.720 --> 00:06:50.040 update their tables 127 00:06:50.040 --> 00:06:53.970 and send traffic back toward the failed route. 128 00:06:53.970 --> 00:06:56.460 This process can create a loop 129 00:06:56.460 --> 00:06:59.490 where routers keep sending the packet back and forth, 130 00:06:59.490 --> 00:07:02.220 thinking the route is still valid. 131 00:07:02.220 --> 00:07:04.950 Next, incorrect subnet masks 132 00:07:04.950 --> 00:07:07.350 are another common routing error 133 00:07:07.350 --> 00:07:11.880 and occur when the subnet mask associated with an IP address 134 00:07:11.880 --> 00:07:14.580 is not configured correctly. 135 00:07:14.580 --> 00:07:17.700 A subnet mask defines the network portion 136 00:07:17.700 --> 00:07:20.940 and host portion of an IP address, 137 00:07:20.940 --> 00:07:22.650 and when this is wrong, 138 00:07:22.650 --> 00:07:25.650 routers can forward packets to the wrong subnet 139 00:07:25.650 --> 00:07:28.320 or fail to forward them at all. 140 00:07:28.320 --> 00:07:31.260 For example, if a device is assigned 141 00:07:31.260 --> 00:07:36.260 to an IP address in the 192.168.1.0/24 network, 142 00:07:40.110 --> 00:07:45.110 but mistakenly configured with a subnet mask of /16, 143 00:07:45.120 --> 00:07:47.550 the router might try to route traffic 144 00:07:47.550 --> 00:07:52.550 intended for the 192.168.2.0 network to the device, 145 00:07:53.880 --> 00:07:56.700 causing connectivity issues. 146 00:07:56.700 --> 00:07:59.160 This leads to problems where devices 147 00:07:59.160 --> 00:08:03.000 that should be able to communicate within the same network 148 00:08:03.000 --> 00:08:04.170 are isolated, 149 00:08:04.170 --> 00:08:05.640 while routing tables 150 00:08:05.640 --> 00:08:09.330 may incorrectly forward traffic to distant networks, 151 00:08:09.330 --> 00:08:11.760 disrupting the flow of data. 152 00:08:11.760 --> 00:08:15.120 Our last routing error is route flapping. 153 00:08:15.120 --> 00:08:17.880 Route flapping refers to a situation 154 00:08:17.880 --> 00:08:21.720 where a network route continuously changes its state, 155 00:08:21.720 --> 00:08:24.240 going up and down frequently, 156 00:08:24.240 --> 00:08:27.630 causing instability in the routing tables. 157 00:08:27.630 --> 00:08:31.290 This can occur due to unstable network links, 158 00:08:31.290 --> 00:08:32.730 faulty hardware, 159 00:08:32.730 --> 00:08:36.390 or misconfigurations in the routing protocols. 160 00:08:36.390 --> 00:08:39.270 When a router frequently advertises 161 00:08:39.270 --> 00:08:42.930 that a route is available, then unavailable, 162 00:08:42.930 --> 00:08:46.950 other routers must constantly update their routing tables, 163 00:08:46.950 --> 00:08:49.740 leading to network instability. 164 00:08:49.740 --> 00:08:53.250 For example, in an Open Shortest Path First, 165 00:08:53.250 --> 00:08:56.010 or OSPF routing environment, 166 00:08:56.010 --> 00:08:58.380 if a link becomes unstable 167 00:08:58.380 --> 00:09:02.850 and repeatedly fluctuates between available and unavailable, 168 00:09:02.850 --> 00:09:05.580 routers in the network will continuously 169 00:09:05.580 --> 00:09:07.380 update their routing tables 170 00:09:07.380 --> 00:09:10.830 to reflect the changing status of that link. 171 00:09:10.830 --> 00:09:14.550 This constant recalculation takes time 172 00:09:14.550 --> 00:09:17.580 and can lead to delays in packet forwarding, 173 00:09:17.580 --> 00:09:22.200 increased network latency, and potentially dropped packets. 174 00:09:22.200 --> 00:09:25.290 Our third and last type of network error 175 00:09:25.290 --> 00:09:28.260 is VPN and tunnel errors. 176 00:09:28.260 --> 00:09:32.370 Virtual private network, or VPN, and tunnel errors 177 00:09:32.370 --> 00:09:35.460 occur when the encrypted communication tunnels 178 00:09:35.460 --> 00:09:38.100 between different networks or endpoints 179 00:09:38.100 --> 00:09:40.683 face disruptions due to misconfigurations, 180 00:09:41.790 --> 00:09:45.450 expired credentials, or encryption failures. 181 00:09:45.450 --> 00:09:48.210 Incorrect settings in VPN tunnels 182 00:09:48.210 --> 00:09:50.550 can lead to connectivity issues 183 00:09:50.550 --> 00:09:54.960 or failed connections between the client and the server. 184 00:09:54.960 --> 00:09:58.620 VPN settings define critical parameters 185 00:09:58.620 --> 00:10:02.880 such as IP addresses, tunnel types, routing rules, 186 00:10:02.880 --> 00:10:05.550 and DNS configurations. 187 00:10:05.550 --> 00:10:08.850 A misconfiguration in any of these settings 188 00:10:08.850 --> 00:10:12.570 can prevent the VPN from functioning correctly. 189 00:10:12.570 --> 00:10:16.260 For example, if a VPN tunnel is set up 190 00:10:16.260 --> 00:10:20.160 with the incorrect IP address for the remote endpoint, 191 00:10:20.160 --> 00:10:22.410 the client will attempt to send traffic 192 00:10:22.410 --> 00:10:24.330 to the wrong destination, 193 00:10:24.330 --> 00:10:27.480 and the tunnel will fail to establish. 194 00:10:27.480 --> 00:10:30.030 This can be especially problematic 195 00:10:30.030 --> 00:10:32.310 in large corporate environments 196 00:10:32.310 --> 00:10:35.760 where VPNs are used to connect remote workers 197 00:10:35.760 --> 00:10:38.220 to internal resources. 198 00:10:38.220 --> 00:10:41.400 If the VPN settings are misconfigured, 199 00:10:41.400 --> 00:10:43.470 employees may be unable 200 00:10:43.470 --> 00:10:46.710 to access critical business applications, 201 00:10:46.710 --> 00:10:50.640 leading to downtime and productivity loss. 202 00:10:50.640 --> 00:10:55.200 Next, expired certificates are another common issue 203 00:10:55.200 --> 00:10:58.500 that causes VPN tunnel errors. 204 00:10:58.500 --> 00:11:02.220 Many VPNs rely on digital certificates 205 00:11:02.220 --> 00:11:06.720 for mutual authentication between the client and the server, 206 00:11:06.720 --> 00:11:09.960 ensuring that both sides are trusted. 207 00:11:09.960 --> 00:11:12.810 Certificates have an expiration date, 208 00:11:12.810 --> 00:11:15.300 and if not renewed in time, 209 00:11:15.300 --> 00:11:18.450 they will cause authentication failures. 210 00:11:18.450 --> 00:11:22.920 For example, if an organization uses certificates 211 00:11:22.920 --> 00:11:25.350 for its site to site VPN, 212 00:11:25.350 --> 00:11:27.960 and one of the certificates expires, 213 00:11:27.960 --> 00:11:31.110 the VPN tunnel will no longer be able 214 00:11:31.110 --> 00:11:34.470 to authenticate the devices on either end. 215 00:11:34.470 --> 00:11:35.610 This will cause 216 00:11:35.610 --> 00:11:38.940 the secure communication channel to break down, 217 00:11:38.940 --> 00:11:43.710 leaving the network exposed to potential security risks. 218 00:11:43.710 --> 00:11:48.330 So the regular monitoring of certificate expiration dates 219 00:11:48.330 --> 00:11:51.420 and setting automated renewal processes 220 00:11:51.420 --> 00:11:54.510 can help prevent this type of error. 221 00:11:54.510 --> 00:11:57.660 Finally, issues with encryption protocols 222 00:11:57.660 --> 00:12:00.660 can also disrupt VPN tunnels, 223 00:12:00.660 --> 00:12:02.550 especially when outdated 224 00:12:02.550 --> 00:12:06.150 or misconfigured protocols are in use. 225 00:12:06.150 --> 00:12:09.330 VPN tunnels rely on encryption 226 00:12:09.330 --> 00:12:12.270 to secure the data that passes through them 227 00:12:12.270 --> 00:12:17.270 using protocols like Internet Protocol Security, or IPsec, 228 00:12:17.280 --> 00:12:22.170 or Transport Layer Security, also known as TLS. 229 00:12:22.170 --> 00:12:26.970 However, if there is a mismatch in the encryption algorithms 230 00:12:26.970 --> 00:12:30.570 or keys used between the client and the server, 231 00:12:30.570 --> 00:12:33.510 the tunnel will fail to establish. 232 00:12:33.510 --> 00:12:37.050 For example, if one end of the VPN 233 00:12:37.050 --> 00:12:40.710 is configured to use the Advanced Encryption Standard, 234 00:12:40.710 --> 00:12:42.690 or AES encryption, 235 00:12:42.690 --> 00:12:44.520 while the other end is set up 236 00:12:44.520 --> 00:12:47.463 to use the Data Encryption Standard, or DES, 237 00:12:48.450 --> 00:12:52.800 the encryption negotiation between the two ends will fail 238 00:12:52.800 --> 00:12:55.830 and the tunnel will not be secured. 239 00:12:55.830 --> 00:12:58.140 This can expose sensitive data 240 00:12:58.140 --> 00:13:00.840 to interception during transmission, 241 00:13:00.840 --> 00:13:04.470 so ensuring that both sides of the VPN 242 00:13:04.470 --> 00:13:07.770 use strong and compatible encryption protocols 243 00:13:07.770 --> 00:13:09.540 is essential for maintaining 244 00:13:09.540 --> 00:13:12.840 a secure and reliable connection. 245 00:13:12.840 --> 00:13:16.920 So remember, network errors disrupt 246 00:13:16.920 --> 00:13:19.860 the flow of data across a network 247 00:13:19.860 --> 00:13:24.510 and are often caused by misconfigurations, hardware issues, 248 00:13:24.510 --> 00:13:26.430 and software bugs. 249 00:13:26.430 --> 00:13:30.330 Common network errors include switching, routing, 250 00:13:30.330 --> 00:13:33.150 and VPN or tunnel errors. 251 00:13:33.150 --> 00:13:37.320 Switching errors occur when data packets are misdirected 252 00:13:37.320 --> 00:13:41.430 or dropped due to issues like broadcast storms, 253 00:13:41.430 --> 00:13:45.420 virtual local area network, or VLAN, mismatch 254 00:13:45.420 --> 00:13:48.060 or duplex mismatch. 255 00:13:48.060 --> 00:13:51.360 Routing errors such as routing loops, 256 00:13:51.360 --> 00:13:55.020 incorrect subnet masks, and route flapping 257 00:13:55.020 --> 00:13:59.340 lead to inefficient or disrupted data transmission. 258 00:13:59.340 --> 00:14:03.060 Finally, virtual private network, or VPN, 259 00:14:03.060 --> 00:14:07.020 and tunnel errors arise from incorrect settings, 260 00:14:07.020 --> 00:14:11.820 expired certificates, or encryption protocol mismatches, 261 00:14:11.820 --> 00:14:14.790 preventing secure communications. 262 00:14:14.790 --> 00:14:18.570 Regular monitoring and proper configuration 263 00:14:18.570 --> 00:14:21.420 help avoid these types of errors 264 00:14:21.420 --> 00:14:24.783 and maintain network reliability.