Network Analysis

8K

Solutions

18

Articles & Videos

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello,

We are pinging a network device from a Lunix computer and see there is an indication of packet drops - see screenshot.  

I disconnect the network cable of the ping target device and I do not any ping response to that IP.  

What can I do to troubleshoot?

Thanks.
packetlost.png
0
On Demand Webinar: Networking for the Cloud Era
LVL 8
On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Greetings,
I've fumbled around doing research on this issue, but am no closer to figuring it out.  In short, I am trying to access www.bcid.org from inside their office network and cannot. They are on a domain by the name of bcid.org and connected to a single Windows 2008 R2 server (that I did not set up).  The site can be accessed from outside the network and is hosted externally.

When I browse to the website in a browser, I get the error:
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

When I ping www.bcid.org, I get the IP address (64.224.215.186) but the requests time out.  As a test, I've tried changing a workstation's DNS to 8.8.8.8 / 8.8.4.4 but still get the same issue.  I also flushed the DNS with no change.  I tried changing  the local hosts file on this workstation but also didn't see a change after adding a line for 64.224.215.186 www.bcid.org.  I just did an NSlookup from this workstation and got the server as the Google DNS server  and the Non-authoritative answer as:
www.bcid.org.bcid.org
64.224.215.186

I'm at a loss as to where to go from here or what the issue even is.  Thanks!
0
I'd like to test network bandwidth between 2 offices.   Can someone suggest a good tool I could use between the 2 computers?

Thanks,
0
Let me start off by saying I'm in no way shape or form a network engineer. I am an IT Generalist and I'm in the process of trying to figure out why some remote IP phones have stopped working for a client. I don't want to get too into the weeds, but I've looked at and compared traffic from working equipment to this non working system. What I've seemed to have boiled it down to is:

Working: Phone tries to communicate on Port 6801 with server, server sends RST, ACK - phone then tries Port 6802 - same. Finally phone tries port 6800 and everything works fine.

Non-working: Phone tries to communicate on Port 6801, receives back a RST (without ACK). Phone continually tries to communicate on port 6801 until it reboots and starts over.

I've captured traffic at the server, at the firewall and at the phone. It seems like the packets are leaving the server as RST, ACK, leaving the Firewall as RST, ACK but arriving at the remote location as RST.

I'm looking for ideas on what could cause this?
0
I have a NETGEAR ProSAFE GS748T 48-Port switch (BRAND NEW). I also have a 5 port netgear switch for two workstations. All cabling is Cat 5e. Some workstations are not running at full Gigabit. Some are 100MBPS and I even have one running at 10MBPS. I have updated all NIC drivers, they are all set to auto negotiate, and they are all gigabit nics.
0
hi team
I have couple of question on packet loss
1.  what all steps we need to take for packet loss
2. what are avialbale tools for checking packet loss
3. what are possibilities  of packet loss
4. what are the parameters to check packet loss
0
The Goal is to Setup a SysLog Server so that a message sent to syslog server with specific  word in it will be archived on a weekly basis.

For this I tried Greylog. I do see the messages coming in but I can't figure out how to automatically extract the message into either a Txt or CSV.

I also skimmed over Splunk but does not seems very intuitive.

Looking for basic features for a small environment.
0
On RH 6 systems running rsyslog 5.8.10 we noticed that if we setup a
client system to use TCP to log to a remote server:
*.*       @@192.168.1.2

Open in new window

If the remote log server is not reachable for some reason no logging takes place, not even local logging to the local system log files.
When the log server is available and rsyslog is restarted  both local logging and remote logging work.   I would like to come up with a config that would ensure that local logging still occurs when  the TCP remote server is down?  I think I need to look at action queues, but was hoping someone could provide an example on how to get this to work.
0
Over the past few weeks my laptop has appeared to be non-responsive. Running speedtests shows the download speed is fine, but the upload will start strong, then the test just seems to hang. I've tried multiple browsers, uninstalled the antivirus, turned off the firewall and Bitdefender but nothing seems to help. Thinking it was the router, I ran a speedtest tethered to my phone, but similar results. Another laptop worked fine with the router as well.

I see no issues in event log, and I tried to update the wireless drivers but it was up to date. I'm not sure what my next step should be.

Thanks for any help.
0
Can anyone recommend best way to monitor network? It is hard to pin point out where the issue is when network suddenly get slows down including wireless network.
0
Free Tool: Subnet Calculator
LVL 8
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps)
Input flow control is unsupported, output flow control is off

If below mentioned Value is increasing then what we need to do
input errors,
CRC,
frame,
overrun,
ignored,
abort
0
I have a router a with number of sub-interfaces & vlans

I have applied an ACL to stop one  VALN from accessing the other.

How can I determine this is working from the router itself (Eg how can I try a ping from the 172.22.18.0/24 network to 172.22.19.1)?

The ACL I have applied on the 0.18 interface IN BOUND is

    deny ip 172.22.18.0 0.0.0.255 172.22.0.0 0.0.255.255

Which denies any traffic from the 172.22.18.0/24 network to any 172.22.0.0/16 network. This all works. However if  on the router I try R4331#ping 172.22.24.1 source 172.22.18.1 if is Successful (it should be blocked).

When the PING is done from an actual client to 172.22.24.1 it IS blocked.



AJ

interface GigabitEthernet0/0/0.18
 description 18
 encapsulation dot1Q 18
 ip address 172.22.18.1 255.255.255.0
 ip nat inside
 ip flow monitor OFA-Flow-Monitor input
 ip flow monitor OFA-Flow-Monitor output
 ip access-group 120 in
 no cdp enable
 ip virtual-reassembly

interface GigabitEthernet0/0/0.19
 description 19
 encapsulation dot1Q 19
 ip address 172.22.19.1 255.255.255.0
 ip nat inside
 ip flow monitor OFA-Flow-Monitor input
 ip flow monitor OFA-Flow-Monitor output
 ip access-group 120 in
 no cdp enable
 ip virtual-reassembly
!



 deny ip 172.22.18.0 0.0.0.255 172.22.0.0 0.0.255.255 (applied IN on 0/0/0.18)



Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R4331#ping 172.22.24.1 source 172.22.18.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos 

Open in new window

0
Hello,
We have a network system that loadbalances 2 Vsat 15 Meg lines through a Draytek 2920 and uses a Microtic to get DNS from an ADSL line.
The purpose of this topography is to enable 30 or so PCs to operate on the network without overloading the hughes modem TCP connection limits.

The system worked well for a while but now we have periods of 5 - 10 minutes where no webbrosing can take place and we get timeouts.
The sessions in the Draytek rareley exceed 500 per Wan port so the Hughes (have a limit iof 512) should not be the issue here.
Please advise what I should be looking at on my browser and on the network to try and understand why the page loads are stalling.

My assumption is that this may be a DNS issue, I do however need assistance in using the right tools to diagnose the problem.
0
My network infrastructure includes several thousand hardware devices.  Which application will provide me with the best tracking of hardware devices, Solrwinds or SCCM?  I have the both of them on the network.
0
Dear Experts,

Could you please suggest what are Emerging Technologies especially related to IT Networks.
0
Sir ,I am  master Gaurav Khambayat , I am a Diploma student my group has decided Remote Administration as our Project Topic but we decide to use Wi -Fi instead of using Internet therefore we starting gathering data for it , but we got the conceptual part just like the concepts of VNC,VPN etc. but we did not get any idea for the actual working at the back end .We know that it happens through Ports and we need socket Programming for that but still we are lagging due to insufficient and Incomplete Information ,therefore I am asking for help Would anybody of you can tell me something that where we are Lagging  , pl help us.
0
I am moving from layer 2 to layer 3 between my main connection between 2 building (see picture). Please provide input for the before and after the change of the network. Does it make sense?
Will I have a better response time if I have svi for vlan 20 & vlan 10 on sw2? Because with the after scenario, the intervlan traffic  can be done on sw2-after, rather than go to sw1-after.

Thank you in advance.

picCapture.JPG
0
I am not able to get logs in sapphire monitoring tool from our fortinet firewall.
0
I am trying to setup a remote probe but it does not connect to the core server. I have a sonicwall router behind my network.

In the core server I set the following
Probe Connection IPs; All IPs available on this computer
Allow IPs; the ip of the remote network
Mini Probes; Allow Mini Probes to connect to the web server
Access Type; Use the PRTG core service account (usually LOCAL SYSTEM)

On the remote probe I set the following
Server; my external IP
Copied the Access Key from the server to the remote.

It does not show up on the server core

Please help
0
Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

I was looking into building an application that goes out and pulls data from multiple databases (SQL Server and Oracle) and operating systems (Linux and Windows).  Unfortunately, pulling this data requires the application's service accounts to have more access than I would like.

I'm hoping to give IT assurance that the application is not sending out any traffic that will change any data in the source systems.

I have heard of firewalls that will monitor and filter traffic to one database.

I was hoping to do the same thing in a way - except I want one firewall that will monitor and filter traffic going out of this application to multiple databases and operating systems.  I obviously don't know anything about networking, so I don't know if this can be done.  Can one firewall monitor/filter traffic going from one place to multiple other places?

Also, do you all happen to know how much a device like this cost?  Cheaper the better.  Haha

Thanks!
0
I have configured the mirror port on Cisco switch and the Average data-flow in that port is 1 Gbps
i want to run wireshark on this data but my pc is having 100Mbps speed
so is their any way to connect to mirror port to another Cisco switch and divide 1Gbps data flow to 100Mbps X10 port which will connect to 10 100Mbps PC to view all data in wireshark?
0
I am looking for a system/software, that can monitor/audit all changes making in windows OS and network devices. That include who logged in to system and what changes they made etc.. Any recommended software can do this job well?.
0
I have a monitoring system that monitors devices responding up\down based on ICMP or ARP entries initially.  Then, if it is down, it also port scans the device for common ports to determine if the device is up.

The system shows that the device is up.  Based on the logs, it is because it is responding on port 80.   There is no response to PING and no entry in the ARP table (the last of which is confusing me the most).

I have two secondary manual scan tools.  Both seem to indicate the same thing.  

So I ran Wireshark.    I clearly see the ARP request broadcasting for the IP of the remote device and it does not get any response.    Yet I see absolutely no indication of the opening of port 80 on the remote device within Wireshark.    Yet all tools indicate that port 80 is open on the remote device.  

I only have one active NIC on the scanning machine.   It is really throwing off my monitoring and confusing the crap outa me.    How can multiple scan tools from multiple machines all indicate that the port on the remote device in question if open, while I can not get to the machine and Wireshark shows no evidence of that port actually being open?   I was thinking Loopback on the local machine or another machine promiscuously responding, but I see no evidence of either.

Any ideas would be appreciated.
~Jon
0
Where or how can I pursue IT Network continued education?

Thanks,

SN
0
Hi,

I'm looking for the suggestions about data center structure and want to know what are the steps and details to transform 2 Disaster Recovery DCs to one cluster DC in 2 different sites across WAN.

My goal is to have more advantage like load balancing, failover ... .

Actually, I'm going to config same LANs, config the ports using LACP and jumbo frames ... on switches in both sites.

Thanks for your help
0

Network Analysis

8K

Solutions

18

Articles & Videos

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).