Network Analysis

9K

Solutions

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).


I need to design a topology of our network for a meeting that shows all the network servers and communication appliances.  What software can I use that is simple or free to do so?

Thanks
0

Which can be a good software for monitoring the network, for example to know which computer is using a lot of data in the network?

Free or buy
0
I am setting up our infrastructure to enable remote phones on a new phone system we installed. The phone vendor requirements were fairly simple: port forward UDP 443 to a device on our DMZ (the virtual machine). Easy, or so I thought.

Everything looks good from the firewall end. If I plug in the phone, I can see the traffic hit the firewall and be forwarded to the device, which let's say is 11.11.11.11. No issues I can see from the firewall end. It's a Barracuda NG F280; I have gone over it over and over with Barracuda support and they see nothing from their end.

The issue is that traffic never hits 11.11.11.11. I have set up a monitoring VM on my DMZ with Wireshark, and never see the traffic. The VM has a packet monitor built in so I can create packet captures on the interface directly; I never see the traffic. If I run a netcat command for UDP 443, I see nothing. I see other traffic. If I ping 11.11.11.11 from anywhere else on the network, I see it. There is nothing between this device and the firewall, except the VMware hypervisor.

I am at a loss at this point. My firewall vendor says it isn't on their end, my phone vendor says it isn't on theirs. I believe that to be the truth, but I don't know what else it could be. Does anyone have any ideas? The only thing I can think of is something in VMware, but I have never seen VMware block traffic like that before.

Some more info:

Seems localized in some way to port number. If I change my forwarding rule to port 3300 instead…
0
Hi guys

There are moments when people in a particular area of the office have connectivity issues from their local PCs to the actual servers. They will say that connecting from their local machines to the server is taking a while.

I know it may not be necessary, but I would like to know if tomorrow I wanted to show people how you can measure network traffic or even connectivity problems at different points on the network, I wanted to be able to showcase it.

I was wondering whether there are ways of testing each segment of our network to see whether there are any red flags that come up. For example, how would I measure if there is a physical connectivity issue between the floor port their PCs are plugged into and the port on the switch? How about from the switch they are plugged in to, to the server? If so, then can you explain, literally, how you would go about doing this?

Thank you for helping
Yash
0
ThousandEyes seems like really good software. It helped me to figure out routing issues. I'd love to deploy it in our data centers. Is it worth having a paid account?
I wonder what other folks are using?
0
I have a Dell Server running W 2008 R2.
It's on a LAN with 8 PCs running W7Pro and W10Pro.

If I go on ANY of the PCs and try to Map a Network Drive, I see only THREE (of the eight PCs) but NOT the Server.

I can ping the Server from any of the PCs and the Server responds (but won't connect).

It's obviously a setting on the Server but I don't know where to look.

Can anyone give me some pointers?

Thanks,

Biggles
0
I have some SLES 12.2 server where I need to monitor certain network traffic for diagnosing a problem that occurs every now and then. I'll try to record the traffic with tcpdump, and when that problem arises, I could dissect the corresponding network traffic with Wireshark.

I've set up a main script which contains
#!/bin/bash
tcpdump -iany -G $((30*60)) -n -w tcpdump.io.%F_%H%M%S.pcap -z ./tcpdump_postproc.sh net 192.168.1.0/24 or net 192.168.2.0/24 > tcpdump.statistics
./tcpdump_postproc.sh


and a helper script tcpdump_postproc.sh for some postprocessing:
#!/bin/bash
gzip *.pcap
find . -maxdepth 0 -mmin +$((12*60)) -name '*.pcap.gz' -delete



I'd expect that script to run indefinitely, creating capture files containing 30 minutes of data each, until I stop tcpdump with i.e. [CTRL-C] or kill. The postprocessing called after stopping (and whenever a new capture file is created) will zip the created capture files and limit the backlog of capture files to 12 hours.

So far, so good. Now to the problem:

tcpdump stops capturing data in the middle of the second file and exits (without error, as far as I could see).

What have I missed ?
0
What is the difference between stateful inspection and deep packet inspection?


thanks !!!
0
I have a user for whom restoring a QuickBooks database that is 100M, stored on the server, over the network takes hours. When he copies the db from the server to his desktop, which takes a few seconds, and then tries to restore it, the process takes less than a minute. I would like to use Wireshark to possibly identify the issue.

Questions
  1. Do I need to run Wireshark on his computer or on any computer to see if there are any issues?
  2. What should I be looking for?
  3. Should I attach a capture file or is that not secure?
0
Hosting a Fortnite competition on iPads - what can I do to remove lagging/latency issues?

Everyone will be on iPads and my bandwidth is 200 MB dedicated. It's a small competition in our company. Is there a QoS setting I can apply, or any other suggestions?

Maybe there is a gaming port I need to open on the firewall.
0

I had this question after viewing Stuck in INIT/DROTHER.

I have the same problem: OSPF INIT/DROTHER between a Cisco L3 switch and a Cisco ASA firewall.
I checked everything, all the configuration. It looks good; however, it doesn't work. I don't really understand why.
0
Meaning of TTL in PING Reply

I have pinged 2 devices that are the same number of hops away.
One shows TTL:124
the other shows TTL:250

I wonder how the TTL is calculated in this case.

Thank you
0
Hi guys,

When I am at my parents' house, streaming stuff is so slow. When running a speedtest it shows speeds of 25MBs download, 5mbs upload. It is 'fibre' internet that they have.

However, I am wondering how one can determine if the slowness is our side or the sender who we are viewing from. How does one determine whether it is our side? What tools can I run? Wireshark?

Thanks for helping
Yashy
0
Hi

I'm moving layer 3 routing from an old core switch to a new core stack we've just purchased.

The stack has been configured with trunks and has access to the network.

The old core will not be removed just the routing will be removed from it.

At the moment the old core has links to different sites

My question is when the routing has been moved over, will I need to move cables over from the old core to the new?

Thanks
0
I have a network that has been getting user reports that "the internet is slow".  Plenty of users....
I can see slowness in web browsing but:
- speed tests look fine
- DNS response times look fine
- internal and internet traffic levels look fine
- I've rebooted the main firewall and don't see any issues there - no recent changes.

I'm using PRTG for network monitoring and network traffic levels appear to be reasonable.

I rather suspect DNS issues but can't pinpoint any.

I'd really like to have a nice tool that would help with this.
And, suggestions about how to approach this would help.
0
I have a router on a stick, fa0/0.10 10.10.10.1/30 on R1, and an IP address assigned to R2 f0/0 10.10.10.2/30. I am trying to understand why I cannot ping R2 from R1?

R1 config:
interface FastEthernet0/0
 no ip address
 duplex full
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.10.10.1 255.255.255.252
!



R2 config:
interface FastEthernet0/0
 ip address 10.10.10.2 255.255.255.252


0
I have 14 Windows 7 PCs that are used as internet cafe access points. I'm looking for a way to collect data as to how much they are utilised. I am trying to ascertain if the number of PCs available meets the demand we have. For example: PC 7 is used for 4 hours per day, whereas PC 6 is only used for 30 minutes a day, or maybe a graph that shows usage for all PCs throughout the day, where I can see how many computers were in use at any one time. The internet connection for these machines goes via a Win Server 2016 gateway running hotspot software. The hotspot software doesn't have this kind of data collection. The network switches are only "web managed". Of course, I'm looking for a free or cheap solution.
0
Hi guys

As we have multiple offices at our work place, we constantly have users leaving and new ones beginning. We want to keep a floor map of PC names, their locations along with the users.

This is so that when we want to do things like apply updates and they fail to a PC, we can allocate where they physically are and access that machine or even request the user to do the necessary from their end.

Does anybody use any applications to manage this?

Thank you
Yash
0
Dear Experts,

I am a new starter to a job, and have been given an initial project to work on that I'm hoping that you can help with.

The customer has an ageing archiving solution with SAN storage that archives email from their MS Exchange platform. There is a separate project that is almost complete that will replace the solution.

I have been given the task of overseeing the decommissioning of the SAN storage.

The customer believes that the only solution using the SAN storage was the legacy email archiver, but cannot be 100% sure that other applications haven't developed dependencies on the SAN storage during its lifespan, and I've been asked to perform some due diligence on the SAN to try and identify any unexpected connectivity.

My initial thoughts are to run something like Wireshark on that network segment to identify any traffic with the SAN IP as a destination.

Is that the right approach?

If not, what do you recommend?

If it is, could you give me some guidance on what config I should put into Wireshark to help me see the right results?

Many thanks in advance.
0

I am a sysadmin. I want to know:

I want to reach the server to check the connectivity through a specific port.
This is just to verify whether the required firewall rule is defined properly or not.
0
Consider the below scenario

userPC---- firewall --- Destination-server
                         10.1.1.1


I have installed some software on the server, the service  of that software is using port # 301.

1) Scenario...
      Firewall defined
      server#  service UP
        userPC# telnet 10.1.1.1 301  --> user get reply

2)Scenario...
      Firewall defined
      server# service DOWN

Is there any command or third-party tool available to just verify that packets from userPC are able to reach the server through port #301?

==
This I asked just to segregate if there any issue, problem from firewall side (or) destination server side.
0
What does this mean?

Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients\client2
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_PATH_NOT_FOUND
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients\client1
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_PATH_NOT_FOUND
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_NAME_NOT_FOUND
NT Create AndX Request, FID: 0x4014, Path: \clients
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients
445 > 2161 [ACK] Seq=171 Ack=576 Win=17138 Len=0
0
In the topology above, I have 2 routers with 2 loopbacks.
On R2 I configured an access list to permit only 192.168.12.0, which is the link between R1 and R2. For some reason I cannot ping loopback 1.1.1.1 of R1, which makes sense, but I can ping from R1 to the loopback of R2. I thought both loopbacks could not be pinged because of the access list:

configuration below:

R1:
R1#sh run 
Building configuration...

Current configuration : 1792 bytes
!
! Last configuration change at 16:05:15 CET Sat Aug 18 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!         
!
!
redundancy
!
!
! 
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
 ip address 192.168.12.1 255.255.255.0
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
!
interface Ethernet1/1
 no ip address
 shutdown
!
interface Ethernet1/2
 no ip address
 shutdown
!
interface Ethernet1/3
 no ip address
 shutdown
!
interface Serial2/0
 no ip address


0
Hi.. This is regarding networking port no. 2829, 2832, 2831 and 2830. According to IANA website, this is something silkp1, silkp2, silkp3 and silkp4. Can anyone tell me what is this silkp ?
0
Don't have much documentation at my new place and I wanted to know where to begin to understand our DR/BDR information.  I specifically wanted to know what it costs the company to be down for an hour or a day and so forth.  Since we don't have much documentation, it is really hard to understand or where to begin.
0
