Network Analysis

8K

Solutions

18

Articles & Videos

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

Share tech news, updates, or what's on your mind.

Sign up to Post

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
0
Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Join Greg Farro and Ethan Banks from Packet Pushers and Greg Ross from Paessler for a discussion about smart network monitoring with PRTG.  Ethan, Greg and Greg discuss strategies for monitoring your IT infrastructure, how to deal with the complexity of monitoring large networks, and how to glean actionable information from multiple data points.

Listen to the podcast to learn how network monitoring can identify issues in your network before they impact your users.

Please note that this podcast was sponsored by Paessler.
0
load balancing
Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
0
Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports operate.
5
 
LVL 6

Author Comment

by:jorge diaz
Comment Utility
Thanks for pointing it out Gauthier.

Thanks for the comment Jim.
0
 

Expert Comment

by:Naif Almarzuqi
Comment Utility
Excellent article, easy to understand
Thanks Alot
0

Introduction


Many times we come across a slowness or instability between two hosts, and almost always we blame the poor networking guys, just because they're an easy target.  Sometimes we forget that other factors including disk bottlenecks, CPU overload or software may be the cause of the software.  Conversely, network engineers may automatically discount your claims by asking you to do a PING test.  It replied?  Well then, there is no network problem.

We're going to provide both the infrastructure team and networking team a very useful tool to help discount potential causes - and at the same time, providing a valuable tool to measure true network throughput between two hosts.

The tool of my choice is IPERF, and this article is going to teach this.

Why IPERF?


There are many other methods in which to calculate network performance - I myself have written an application to read a file from a network share to memory to test network performance, but that in itself is a flawed test because I may be limited by the Disk I/O of the source server.  Protocol overhead for storage protocols such as SMB/CIFS/NFS/NCP also affects my metering.

Some people rely purely on PING responses to test the stability of a network link, but this isn't good enough.  The standard packet size for a PING is 48 bytes, and although you can increase this, the delay between pings is insufficient to catch instability.

IPERF gets rid of these potential bottlenecks and tests…
8
 

Expert Comment

by:rdenoyer
Comment Utility
Neat.. thanks!
0
 
LVL 18

Expert Comment

by:LesterClayton
Comment Utility
Iperf Windows version moved to http://www.cst.ucf.edu/resources/iperf/
0
Large and small networks have one same need, Service monitoring. Service monitoring consists of watch services of the several servers in the network. To monitor means that the administrator will receive an alert when a service is down or it's state is abnormal besides an alert the monitoring activity also means to verify the state this same service through graphs.

In the market there are several tools to do this tasks, there are two tools open source that do this task very well, Nagios and Cacti. The first one, Nagios, can monitor services state and computer information like, OS, HDD, processor, network, communication ports, specific services, etc, and warn the administrators by e-mail, sms, sounds, screen messages, etc; and the second one, Cacti, it can be said that it's an evolution of Nagios. Cacti basically do the same thing that Nagios but it generates graph reports of the monitored services, all the information that Cacti collects is storage at a database, usually MySQL, so this way the administrator can have a large space time of data, like at some point you need to generate a graph of the activity of the SMTP service of Exchange 2003 during the period of March to June; Cacti is able to do this.

Cacti Information:
website: http://www.cacti.net
License: Opensource
Requirements: RRDTool, MySQL, PHP and a Web Server.
Complete Documentation: http://docs.cacti.net/manual:087

Usually …
0
Many network operators, engineers, and administrators do not take several factors into consideration when troubleshooting network throughput and latency issues.  They often  measure the throughput by performing a measurement  by transferring a large file and measure the time it takes to transfer that file; however the results will result in what is called goodput which is less than the maximum throughput, leading the operators to believe that their link is not operating as it should be. In fact, there are many overheads and other variables involved.

Introduction

The above summary is from a theoretical perspective, it appears straight forward; you have a client and a server connected to a single high-end layer 2 switch (Cisco 2960G) and if you transfer a file, you expect 1Gbps between the client and server. Right? Sure, in this scenario you can expect close to 1Gbps between the client and a server (assuming 0 percent utilization of the bandwidth); however, the fact of the matter is that it is always not as predictable as you may think it is. In this discussion, I will be addressing key points related to throughput and latency issues which will revolve around Ethernet, TCP, Bandwidth Delay Product (BDP), and Long Fat Networks (LFN). I work for a company that started out as an ISP (The company provided mainly dial-up, DSL and web hosting), the company extended it's first class services and is now mainly a managed hosting and Co-location company. In the many years …
28
 
LVL 1

Expert Comment

by:banjo1960
Comment Utility
This is great and very helpful.

When dealing with performance issues which have so many variables it is great to be able to know the variables and their impacts.

I am reading it now as I look at a new problem.

Thanks!
0
 

Expert Comment

by:Bradamon
Comment Utility
Excellent article
0
How would you tell what computer was using up all of your Internet bandwidth ?

If you cannot answer this question, this article is for you.  

The solutions below should work with just about anything using established standards rather than proprietary software. Some commercial firewall appliances will already tell you this info. For this Article, I do refer to Sonicwall, but the suggestions will provide valuable information regardless. The resulting information is extremely valuable to have when there are problems (either real, or just perceived by your users).

Now, if budget was not a problem and there was a pressing need to just purchase something, I would probably purchase the PRTG Network Monitor ($380) or Solarwinds Orion NPM ($2475) because they will work with just about anything and aren't tied to Sonicwall.  They can even collect usage from packet sniffing so will work with ANYTHING.  

The quick answer may be able to just download and configure Passler PRTG trial or free version or AdvancedRM to get what you need, if needed "now".  Both of these utilities rely on SNMP.  PRTG also can collect info a few different ways and is more versatile and comprehensive.  Free version is limited to 10 sensors but the commercial version isn't that expensive compared to enterprise consoles.  If you enable the SNMP services on each of the servers and user systems as well as the Sonicwall, you can compare charts and get what you need.  

Being budget concious, what I …
2
 
LVL 8

Expert Comment

by:J Spoor
Comment Utility
Overall a really good document !
0
 
LVL 5

Expert Comment

by:Kimberley from Paessler
Comment Utility
Hi cybervzhn_tech,

Yes, a good article!  I wonder if you could update the parts about PRTG, since there's been a significant change in our licensing since 2010.  In particular, the 100-sensor licence which was $380 is now free!  The first paid license is now the 500-sensor license ($1600).  Could you please update the price from $380 to $1600, and then later in the article, where you talk about 10 free sensors, update this part to 100 sensors?

Thanks!

Kimberley (from Paessler)
0
In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is available starting with 6.0.

The profiling is only available in CLI, so you need to know how to get there by a serial attached terminal emulation, or telnet / ssh. This is not covered here.

General CLI tip
At all times, you can type unique starting parts of the commands:
 
get fpro pac stop

Open in new window

and if you can't remember the syntax, just put a question mark after your command to get further help:
 
get fpro pac ?

Open in new window

or press [Tab] for auto-complete and help

How to

1. Preparation of profiling


The preparation can be done at any time, and needs not to be changed once set up.
 
unset fprofile packet wrap
set fprofile packet enable
set fprofile packet count 16

Open in new window

The count is measured in kilo-packets, allowed are 1-256
 

2. Start and stop profiling

 

clear fprofile
set fprofile packet start

Open in new window

If you set up nowrap (like above), profiling ends automatically as soon as the packet count is reached. If you set wrap mode, the buffer used is overwritten until you issue a
 
set fprofile packet stop

Open in new window

I've seen no CPU effect if you leave fprofile enabled (but stopped), however you can disable that to be safe:
 
unset fprofile packet enable

Open in new window

After disabling fprofile, the collected profile data is not available anymore, even after reenabling.
If you want to check the actual state of the profiling enginge:
 
get fprofile

Open in new window

shows state of fprofile: enabled and start or stop.
 

3. Viewing the profile

2

Network Analysis

8K

Solutions

18

Articles & Videos

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).