Solved

TX & RX discards reported in Solarwinds Orion

Posted on 2011-02-23
6
2,192 Views
Last Modified: 2012-05-11
I am using Solarwinds Orion NPM and it is working very well. The question I have is, several of our domain controllers show hundreds of thousands of packet discards per day. I have ran wireshark but can't see any type of malicious looking packets that show up in that high of numbers. How do you figure out what is being discarded?
0
Comment
Question by:allansanmar
  • 3
  • 2
6 Comments
 
LVL 3

Expert Comment

by:residents
ID: 34964446
I think I would first look at why it is being discarded. I just ran into something similar on a network and the problem was the switch port was starting to flake out. Since the switch was totally 100% full, we replaced it and the problem disappeared and the speed increased. I think I would track it down after hours and see if you could move the switch port the server is plugged into and see if you are still getting so many drops. If so then it may be time to look at the NIC or software.
0
 

Author Comment

by:allansanmar
ID: 34964793
I don't think it's the switchport for several reasons. I have had Cisco TAC look at the switch and evaluate the tech support log, they said the switch looked fine to them. I have also went as far as to hard code the switchport and the server NIC to match (1g full). Also I have this happenning on several Windows DC's in different physical locations and this also happens on 1 of our Exchange servers. Any other thoughts?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 34965889
I want to make sure I understand what is actualy discarding the packets.

Does NMP say that Windows says it is discarding the packets, or it is the switch port that is reporting the packets are being discarded?
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 57

Expert Comment

by:giltjr
ID: 34965899
IF it is Windows, can you provide the output from:

     netstat -e -s
0
 

Author Comment

by:allansanmar
ID: 34970064
It is being reported by snmp from the servers. Here is the output you requested from 1 of the servers netstat.txt
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 34975989
O.K.,  Typically packets are dropped due to lack of resources.

Outbound packets are dropped because of lack of buffer space normally, the buffers fill up because of network issue, or because you (meaning applications running on the server) are trying to send more data faster than the network can handle.

Inbound packets can be dropped for various reasons here is a list of some of the possible reasons:

    http://tech.groups.yahoo.com/group/discussion-pcausa/message/7959

You could do a packet capture (I use wireshark).  For inbound packets that are dropped you should see the remote site re-sending the data.  

For outbound packets I'm not sure how to see this.  If wireshark sees the packet then more than likely the packet got sent, if wireshark does not see it it got dropped, but I have no clue how to tell.  I would assume that if enough outbound packets got dropped the sending application would report errors.

0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
what exactly is bandwidth and how is it determined 6 120
Speed testing 26 101
WLC not listing 5Ghz enabled SSID as avaiable networks 5 112
Decrypting SSL traffic in wireshark 7 118
Many network operators, engineers, and administrators do not take several factors into consideration when troubleshooting network throughput and latency issues.  They often  measure the throughput by performing a measurement  by transferring a large…
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question