Hi, my name is Mike Danseglio. I’m going to show you some cool tools that you can actually use to find lost servers. Lost servers are actually a more common problem than most people want to admit. There’re servers that have been hidden behind drywall renovations, there’re servers that have been powered on for months, years, sometimes even decades. No one bothers to maintain them and at some point you are going to need to find it, whether it’s for an audit or it catches on fire. Whatever the reason, you are going to need to find it.
There are some great specialized tools that you can use for this, but I’m going to show you a couple of basic tools that you almost certainly have at your disposal right this second. To find out at least some information to get you on your way. Now for this example, I have a pretty small office. I’m not really going to show you a lost server in my office because there are no lost servers in my office. I have chosen a server that is way out on the other side of the world from me and we are going to go ahead and get some information about that. I’m going to show you some information about that server.
First thing I’m going to do, just like always when looking for a new system, is ping it. In this case I’m looking for tpnet.pl which is actually an internet service provider in Poland. First thing you should notice is that I am able to resolve host name to an IP address, which means DNS is working. The lovely DNS entry is in there. However, it looks like tpnet.pl is not responding to pings. Whether it not responding at the host level or some routing in between, the pings are getting lost and nothing is coming back. But that’s not going to stop me. I still want to find out where this is and what information I have.
Now if you remember from previous video, I showed you traceroute. I showed you a little bit about looking at performance along the route of traceroute. In this case gives us completely different information because we are going to interpret it differently. So, lets tracert tpnet.pl and what you will see is the traceroute, the shortened TTL pings going out and looking at the routing building information between my machine and tpnet.pl, wherever it is.
You’ll see as it goes down the list it is leaving Seattle, it’s going to Los Angeles, it’s heading down to Palo Alto, its heading out to New York. This traffic is then skipping over to London, to Frankfurt, to the open gateway in the EU. Then you can see it actually hits a tpnet.pl server on hop 15, 188.8.131.52. Then after that we are having trouble because we are not able to resolve the IP address into the host name. This usually indicates that there are no DNS entries or its simply not reporting back. That’s fine.
But I can stop this here by hitting Ctrl C. What it means at this point in the traceroute the hosts are no longer responding to pings so we can’t get more traceroute information. That’s fine. This has given me plenty of information for finding a lost server. I now know that for this lost server that it is on the far side of the GW.opentransit.net gateway and I also know that the server I’m looking for is on the far side of lodz-ar2.tpnet.pl I know its IP address and I know what side of the router it’s on from that address.
I have enough information to start looking at the location for the server, figuring out where it might be in relation to these other servers. This is actually really useful, not so much useful if the server is on the other side of the plant in Poland, and I don’t have a network map for the Polish ISP tpnet.pl. However, in a data center this would usually yield enough information for me to figure out exactly where the packets were stopping. Then from there move on and identifying the location and move out from there to search and find it.
There are, however, more specialized solutions for network mapping network tracing and actually identifying the location of systems. If systems are more hard to find than this, I would recommend that you use specialized tools and certainly keep a network map up to date. There’s no excuse for a network admin to not to have a good network map available. Thanks for watching today.