Network Analysis

9K

Solutions

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

Share tech news, updates, or what's on your mind.

Sign up to Post

We get calls from people who cannot get to a website, say cnn.com.  The cursor will just spin and the request will time out.  This happens intermittently.  We called level 2 support, and they claim that the requests are not hitting their gateway, but I am not sure this is the case.  I'd like to provide some hard data to level 2 support with a tool like wireshark, but I don't know how to interpret wireshark.

Is there a tool that is a bit simpler than wireshark that can tell me where exactly where the hold up is?  I have looked at a tool called DNSQuerySniffer, but it looks like it stops at my internal DNS server.  I have also tried a simple tracert, but tracert hops timeout on sites that are working, so they are not reliable.  

We do have company internet filters in place (fortinet), but they are managed at level 2 so I don't have access to their logs.  I am also told that there are a few old DNS server records in my forward lookup zones, but they have been there long before this problem began.  

Thank you!!
0
Microsoft Azure 2017
LVL 12
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

what is the difference between state full inspection and deep packet inspection ?


thanks !!!
0
I have a user who when tries to restore a Quickbooks database that is 100M stored on the server over the network takes hours.  When he copies the db from the server to his desktop which takes a few seconds then tries to restore it the process takes less then a min.  I would like to use wireshark to possibly identify the issue.

Questions
  1. Do i need to run Wireshark on his computer or on any computer to see if there are any issues?
  2. What should i be looking for?
  3. Should i attach a capture file or is that not secure?
0
hosting a Fortnite competition on ipads - what can i do to remove lagging/ latency issues

everyone will be on ipads and my bandwidth is 200 MB dedicated, its a small competition in our company, is there a QOS setting i can apply or any other suggestions

maybe there is a gaming port i need to open on the firewall
0
I had this question after viewing Stuck in INIT/DROTHER.

I have the same problem? OSPF INIT/Drother between Cisco Switch L3 and Cisco Firewall ASA?
I checked everything all the configuration.It looks good however it doesn’t work? I don’t really understand why?
0
Meaning of TTL in PING Reply

I have pingged 2 devices that have the same number of Hops away.
One shows TTL:124
the other shows TTL:250

I wonder how is the TTL calculated in this case .

Thank you
0
Hi guys,

When I am at my parents house,, streaming stuff is so slow. When running a speedtest it shows speeds of 25MBs download, 5mbs upload. It is 'fibre' internet that they have.

However, I am wondering how one can determine if the slowness is our side or the sender who we are viewing from. How does one determine whether it is our side? What tools can I run? Wireshark?

Thanks for helping
Yashy
0
Hi

I have a network with a Layer2 link back to a datacentre which provides our internet connection, we have no firewall onsite at present but looking to install one.

We have ordered an internet connection on premise.

We want to keep our Layer 2 connection and make use of it somehow.

We want to use the new internet connection on-premise and a firewall to route the internet. What's the best way to do this?
0
Hi

I'm moving layer 3 routing from an old core switch to a new core stack we've just purchased.

The stack has been configured with trunks and has access to the network.

The old core will not be removed just the routing will be removed from it.

At the moment the old core has links to different sites

My question is when the routing has been moved over, will I need to move cables over from the old core to the new?

Thanks
0
Hi Guys,
I observed big amount of no buffer drops on my interface facing internet, on my C2911 Router, howerver, I don't see any failed or a lot of missed packets in the buffer counters.
What could be the reason for it?

MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
     reliability 255/255, txload 42/255, rxload 122/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full Duplex, 100Mbps, media type is RJ45
  output flow-control is unsupported, input flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:03, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/76 (size/max/drops/flushes); Total output drops: 3631582
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 48118000 bits/sec, 6878 packets/sec
  5 minute output rate 16759000 bits/sec, 3252 packets/sec
     4022440271 packets input, 4092734377 bytes, 3631387 no buffer
     Received 6062 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     592 input errors, 0 CRC, 0 frame, 592 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     1319074480 packets output, 2459248571 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     1 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped …
0
OWASP Proactive Controls
LVL 12
OWASP Proactive Controls

Learn the most important control and control categories that every architect and developer should include in their projects.

I have a network that has been getting user reports that "the internet is slow".  Plenty of users....
I can see slowness in web browsing but:
- speed tests look fine
- DNS response times look fine
- internal and internet traffic levels look fine
- I've rebooted the main firewall and don't see any issues there - no recent changes.

I'm using PRTG for network monitoring and network traffic levels appear to be reasonable.

I rather suspect DNS issues but can't pinpoint any.

I'd really like to have a nice tool that would help with this.
And, suggestions about how to approach this would help.
0
I have 3 switches. I have 1 vtp mode server (A) and 2 transparent (B & C). I changed the B & C from transparent to client. I added another vlan on A. But only B updated its vlan database. I am not sure why C did not. A is directly connected to B via copper. B is connected to  C via fiber.
0
picI have router on a stick fa0/0.10 10.10.10.1/30 on R1 and an IP address assigned to R2 f0/0 10.10.10.2/30. I am trying to understand why I cannot ping R2 from R1?

pic
R1 config:
interface FastEthernet0/0
 no ip address
 duplex full
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.10.10.1 255.255.255.252
!

Open in new window


R2 config:
interface FastEthernet0/0
 ip address 10.10.10.2 255.255.255.252

Open in new window

0
I have 14 windows 7 PCs that are used as internet cafe access points. I'm looking for a way to collect data as to how much they are utilised. I am trying to ascertain if amount of PCs available meets the demand we have. For example: PC 7 is used for 4 hours per day, where as PC 6 is only used for 30 minutes a day or maybe a graph that shows usage for all PCs throughout the day, where I can see how many computers where in use at any one time. The internet connection for these machines goes via a Win Server 2016 gateway running hotspot software. The hotspot software doesn't have this kind of data collection. The network switches are only "web managed". Of course, i'm looking for a free, or cheap solution.
0
how reduce Lsass.exe bandwidth traffic because it is very high and take a lot  of internet connection bandwidth?
0
hello,
how I can log all mikrotik traffic to prtg or any other software so I can know the connections logs.
thanks.
0
Hi,

I’m hoping to get some ideas on this one. I’m having some intermittent latency and sometimes dropouts on the network, which consists of mostly Cisco SX300 switches.

When the latency or dropout happens, the CPU utilisation of the core SG300 Switch would be over 40%. I have been told the issue is caused by spanning tree and turning global spanning tree off on the core switch does help, however, I think it is not the spanning tree or it is more that just the spanning tree.

What other things could I look into in finding the cause?

Any help appreciated!

Jonathan
1
Cannot install the NDIS Capture Service on my NIC.
It states: "Could not add the requested feature.  The error is: This program is blocked by group policy.  For more info, contact your system adminstrator"

I am the system administrator.  There is not a GPO configured to block this installation.
I've looked for parameters in:
Computer Configuration | Administrative Templates | System | Removable Storage Access
Computer Configuration | Administrative Templates | System | Device Installation | Device Installation Restriction
I've run RSOP and there are no settings to this effect.

There are no settings inside either of these.

I've also checked local security and local group policy - there is also nothing defined there.

Anyone have any ideas?

Windows 10 pro, 17134.285

I've uninstalled Webroot Secure Anywhere thinking that might be the problem - no change
0
Hi guys

As we have multiple offices at our work place, we constantly have users leaving and new ones beginning. We want to keep a floor map of PC names, their locations along with the users.

This is so that when we want to do things like apply updates and they fail to a PC, we can allocate where they physically are and access that machine or even request the user to do the necessary from their end.

Does anybody use any applications to manage this?

Thank you
Yash
0
HTML5 and CSS3 Fundamentals
LVL 12
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

Port 5083 : Qpur File Protocol
Can somebody tell me for what purpose is this service used for?
1
Dear Experts,

I am a new starter to a job, and have been given an initial project to work on that I'm hoping that you can help with.

The customer has an ageing archiving solution with SAN storage that archives email from their MS Exchange platform. There is a separate project that is almost complete that will replace the solution.

I have been given the task of overseeing the decommissioning of the SAN storage.

The customer believes that the only solution using the SAN storage was the legacy email archiver, but cannot be 100% sure that other applications haven't developed dependencies on the SAN storage during it's lifespan, and I've been asked to perform some due dilligence on the SAN to try an identify any unexpected connectivity.

My initial thoughts are to run something like WireShark on that network segement to identify any traffic with the SAN IP as a destination.

Is that the right approach?

If not, what do you recommend?

If it is, could you give me some guidance on how what config I should put into Wireshark to help me see the right results?

Many thanks in advance.
0
I need to do an Enterprise Architecture maturity assessment using TOGAF framework. Can anyone who has done something similar give me guidance on best way to approach this.
Over all approach
Red flag points
Action points

Thank you for your help.

J
0
I am sysadmin..I want to know

I want to reach the server, to check the connectivity thru specific port.
This is just to varify whether the required firewall rule defined properly or not.
0
Consider the below scenario

userPC---- firewall --- Destination-server
                         10.1.1.1


I have installed some software on the server, the service  of that software is using port # 301.

1) Scenario...
      Firewall defined
      server#  service UP
        userPC# telnet 10.1.1.1 301  --> user get reply

2)Scenario...
      Firewall defined
      server# service DOWN

is there any command/3rdparty-tools available to just varify, pockets from userPC able to reach on the server through port#301

==
This I asked just to segregate if there any issue, problem from firewall side (or) destination server side.
0
What does this mean?

Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients\client2
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_PATH_NOT _FOUND
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients\client1
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_PATH_NOT _FOUND
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_NAME_NOT _FOUND
NT Create AndX Request, FID: 0x4014, Path: \clients
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients
445 > 2161 [ACK] Seq=171 Ack=576 Win=17138 Len=0
0

Network Analysis

9K

Solutions

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).