System Administration Guide: Resource Management and Network Services

Fixing Network Problems That Affect PPP Performance

If the PPP link becomes active but few hosts on the remote network are reachable, a network problem could be indicated. This section explains how to isolate and fix network problems that affect a PPP link.

How to Diagnose Network Problems

Become superuser on the local machine and shut down the problematic link.

Disable any optional protocols in the configuration files by adding the following options to your PPP configuration:
noccp novj nopcomp noaccomp default-asyncmap
These options provide the simplest, uncompressed PPP available. Try invoking these options as arguments to pppd on the command line. If you can reach the previously unreachable hosts, add the options in either of the following places.
- /etc/ppp/peers/peer-name, after the call option
- /etc/ppp/options, so that they apply globally

Call the remote peer with debugging turned on.
% pppd debug call peer-name

Obtain verbose logs from the chat program by using the -v option of chat.

For example, use the following format in any PPP configuration file:
connect 'chat -v -f /etc/ppp/chatfile'
/etc/ppp/chatfile represents the name of your chat file.

Try to re-create the problem by using Telnet or other applications to reach the remote hosts.

Observe the debugging logs. If you still cannot reach remote hosts, the PPP problem might be network-related.

Verify that the IP addresses of the remote hosts are registered Internet addresses.

Some organizations assign internal IP addresses that are known within the local network but cannot be routed to the Internet. If the remote hosts are within your company, you or another administrator must set up a name-to-address translation (NAT) or proxy server to reach the Internet. If the remote hosts are not within your company, you should report the problem to the remote organization.

Examine the routing tables.
1. Check the routing tables on both the local machine and the peer.
2. Check the routing tables for any routers that are in the path from the peer to the remote system and the path back to the peer.
  
  Ensure that the intermediate routers have not been misconfigured. Often the problem can be found in the path back to the peer.

(Optional) If the machine is a router, check the optional features.
# ndd -set /dev/ip ip_forwarding 1
For more information about ndd, refer to the ndd(1M) man page.

Check the statistics that are obtained from netstat -s and similar tools.

For complete details on netstat, refer to the netstat(1M) man page.

Run statistics on the local machine.

Call the peer.

Observe the new statistics that are generated by netstat -s.

You can use the messages that are generated by netstat -s to isolate and fix the network problems that are shown in the next table.

Table 35-2 Common Network Problems That Affect PPP


Message	Problem	Solution
`IP packets not forwardable`	The local host is missing a route.	Add the missing route to the local host's routing tables.
`ICMP input destination unreachable`	The local host is missing a route.	Add the missing route to the local host's routing tables.
`ICMP time exceeded`	Two routers are forwarding the same destination address to each other, causing the packet to bounce back and forth until the time-to-live (TTL) value is exceeded.	Use `traceroute` to find the source of the routing loop, and then contact the administrator of the router in error. For information about `traceroute`, refer to the traceroute(1M) man page.
`IP packets not forwardable`	The local host is missing a route.	Add the missing route to the local host's routing table.
`ICMP input destination unreachable`	The local host is missing a route.	Add the missing route to the local host's routing tables.

Check the DNS configuration.

A faulty name service configuration causes applications to fail because IP addresses cannot be resolved.

You can find information for fixing name service problems in "traceroute" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).