ravenrx7
asked on
Help --Network Monitoring Software
Hello and thanks in advance for helping me.
Here is the situation, every Monday between 1 and 2 our network speed slows down to 24 kbps, when usually we have a 750kbps. We are on a business DSL line also. Thing is everything is fine till this time, I think a studnet of staff member is hogging the bandwith up.
We have Cisco 2690 switches with gigabit backbone and a watchguard firebox firewall.
I was going to use netflow, but of course it doesnt support my series of switches.
I''m trying to pinpoint at that time frame, what device is causing the most traffic or using the most bandwith. Is there a software " like Netflow" that I can use, and create reports with.
Other than Orion, which is a little $$$$????
Here is the situation, every Monday between 1 and 2 our network speed slows down to 24 kbps, when usually we have a 750kbps. We are on a business DSL line also. Thing is everything is fine till this time, I think a studnet of staff member is hogging the bandwith up.
We have Cisco 2690 switches with gigabit backbone and a watchguard firebox firewall.
I was going to use netflow, but of course it doesnt support my series of switches.
I''m trying to pinpoint at that time frame, what device is causing the most traffic or using the most bandwith. Is there a software " like Netflow" that I can use, and create reports with.
Other than Orion, which is a little $$$$????
ASKER
PS I use Spice works now, but it only gives an over view of the network
Hello,
One quick question. Is the DSL line that you have a "shared" DSL line? What I mean by that is that some ISPs that have supposed business DSL lines, are actually daisy-chained throughout the neighborhood. With a daisy chain topology, let's say you are client A, and no one else is on (looking at it from the ISPs point of view) you have the full pipe of the neighborhood. Let's say client B come home from school and is a gamer and plays World of Warcraft. As soon as client B get on and starts playing, the pipe that the neighborhood shares is cut in half or more from you to give to client B (in fact client B may get up to 75-85% of the bandwidth for a while) until things start to settle down. After a time both of the clients will have half of the pipe for the neighborhood.
If your ISP does not do that then disregard, but just be aware that some ISPs do this (such as Bresnan in the northwest part of the US).
Thanks,
Kelly W.
One quick question. Is the DSL line that you have a "shared" DSL line? What I mean by that is that some ISPs that have supposed business DSL lines, are actually daisy-chained throughout the neighborhood. With a daisy chain topology, let's say you are client A, and no one else is on (looking at it from the ISPs point of view) you have the full pipe of the neighborhood. Let's say client B come home from school and is a gamer and plays World of Warcraft. As soon as client B get on and starts playing, the pipe that the neighborhood shares is cut in half or more from you to give to client B (in fact client B may get up to 75-85% of the bandwidth for a while) until things start to settle down. After a time both of the clients will have half of the pipe for the neighborhood.
If your ISP does not do that then disregard, but just be aware that some ISPs do this (such as Bresnan in the northwest part of the US).
Thanks,
Kelly W.
ASKER
thanks Kelly good question too, I first started with them ( AT&T) we had a tech come out and look over things at that time he told us we were not on a shared line. But to totally mark that out as a possiblity I talked our company into getting a T-1 line, but that's not till 3-4 weeks, thats their processing time. At one point a few weeks ago it was an every other day event, the network dropping down to 24 kbps, can you imagine 300 users on 24kbps... AHHHHHh
Hello,
What is the processor like on your Cisco? Is the processor maxed out at the time or is it the same state as before the issue happens?
There have been some bad IOS's that Cisco has put out that once you hit 50-60% usage then it climbs to 100% for no apparent reason.
What is the response time when pinging across the pipe during this time?
Thanks,
Kelly W.
What is the processor like on your Cisco? Is the processor maxed out at the time or is it the same state as before the issue happens?
There have been some bad IOS's that Cisco has put out that once you hit 50-60% usage then it climbs to 100% for no apparent reason.
What is the response time when pinging across the pipe during this time?
Thanks,
Kelly W.
With thedude you can see data usage from devices and through switches. That way you can pinpoint if some one is downloading.
ASKER
I've downloaded TheDude and it's discovering my network now
great tool.
If you need any help shout.
If you need any help shout.
Hi,
You may check out the below options;
Ntop www.ntop.org LAMP based NMS
Bandwidthd bandwidthd.sourceforge.net
ZenOSS www.zenoss.com LAMP based NMS
Nagios www.nagios.org LAMP based NMS
JFFNMS www.jffnms.org LAMP based NMS
OpenNMS www.opennms.org LAMP based NMS
Hyperic HQ www.hyperic.com LAMP based NMS
Etherape etherape.sourceforge.net LAMP based NMS
GroundWork www.groundworkopensource.com LAMP based NMS
MRTG oss.oetiker.ch/mrtg RRDTool
Cacti www.cacti.net RRDTool
PRTG www.paessler.com/prtg
Personal recommendation is using NTop, PRTG or Cacti.
You may check out the below options;
Ntop www.ntop.org LAMP based NMS
Bandwidthd bandwidthd.sourceforge.net
ZenOSS www.zenoss.com LAMP based NMS
Nagios www.nagios.org LAMP based NMS
JFFNMS www.jffnms.org LAMP based NMS
OpenNMS www.opennms.org LAMP based NMS
Hyperic HQ www.hyperic.com LAMP based NMS
Etherape etherape.sourceforge.net LAMP based NMS
GroundWork www.groundworkopensource.com LAMP based NMS
MRTG oss.oetiker.ch/mrtg RRDTool
Cacti www.cacti.net RRDTool
PRTG www.paessler.com/prtg
Personal recommendation is using NTop, PRTG or Cacti.
ASKER
dirtysnipe:
Do you know if you can scan by a network range? for example 10.102.1.x - 2.x??
Do you know if you can scan by a network range? for example 10.102.1.x - 2.x??
Yes you can specify an ip range to scan. Let me find the manual out for you.
http://wiki.mikrotik.com/wiki/Using_Discovery
this link will show you how to discover on a network ip range.
http://wiki.mikrotik.com/wiki/Using_Discovery
this link will show you how to discover on a network ip range.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
great tool
ASKER
dirtysnipe:
Do you have all your clients running the SNMP ? Im trying to get the software to shwo the TX and RX speeds between clients
Do you have all your clients running the SNMP ? Im trying to get the software to shwo the TX and RX speeds between clients
If you dont want to turn on snmp for all your client just use the snmp from switches. If you know what computer is on which port you are laughing.
http://www.snapfiles.com/get/thedude.html