| Pages: [1] :: one page |
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Atari Sakura
Minmatar
Devious Decorum
   |
Posted - 2010.06.04 15:14:00 -
[1]
I am currently doing an internship for a small company, it's a software-for-service company, and they needed extra help with administrating their network.
I'm a second year college student, and have taken several network theory courses, as well as a few courses on system administration. I consider myself to have a high level of technical knowledge, however I lack experience, (hence the internship.)
The company is having an issue with the internet being slow a lot, they have a dedicated T1 line, and about 5-7 people using it max. They would like me to look into the issue of things running slow, and see if there is a server, or something responsible. I'd like to know if anyone has any good network monitoring tools, that could measure the bandwidth of each port on a switch, (assuming I put a switch port into monitoring mode.) Preferably a linux based utility. I've been fiddling around with Nagios and a few other command line things such as ntop, but haven't had any great success. Does anyone use a similar thing to monitor their network? If so, would you mind sharing what it is?
---
|
Undertow Latheus
Minmatar
Monolithic.
|
Posted - 2010.06.04 15:29:00 -
[2]
Im in ur thread, being unhelpful.
Also, your corp :(
Please resize your signature to the maximum allowed of 400 x 120 pixels with a maximum file size of 24000 bytes.StevieSG |
Atari Sakura
Minmatar
Devious Decorum
|
Posted - 2010.06.04 15:57:00 -
[3]
Dude I know... But the Mono cookie is crumbling... Sadly, I just followed Lumari blindly, since pretty much everyone else is afk.
---
|
Grimpak
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2010.06.04 16:01:00 -
[4]
before getting a monitoring program, did you check the network config? It smells like there's QoS options running on there...
---
 Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Victor Valka
Caldari
Endoxa Corporation
|
Posted - 2010.06.04 16:14:00 -
[5]
Kids these days...
Set up Wireshark on your gateway and have at it.
Originally by: Spaztick
You are not outnumbered, you are in a target-rich environment.
|
Atari Sakura
Minmatar
Devious Decorum
|
Posted - 2010.06.04 16:31:00 -
[6]
Originally by: Victor Valka
Kids these days...
Set up Wireshark on your gateway and have at it.
Oh well I thought it would go without saying that I've been using wireshark.... lol, sorry
I can't really monitor how much bandwidth a particular computer is using with wireshark though.... Can I?
---
|
Jack Paladin
ConViction Inc
|
Posted - 2010.06.07 10:43:00 -
[7]
There is a good chance that you have already tried this but is the speed issue localised to a specific website?
Go to www.speedtest.net and run a bandwidth test.
Are all computers hard-wired or running on wireless? Wireless could explain the ****ty speeds if the signal quality is crap.
Have you been onto the ISP? Maybe they are performing infrastructure upgrades etc which is affecting performance?
Is it a dedicated line or is there a contention ratio?
Antivirus/Antispy upto date?
Does the network have a managed switch? You can use this to monitor the flow of data through the switches.
Being a software-for-service company I imagine they would have a beefy firewall protecting the network. This could also potentially be the reason for the slowdown if it is being targetted by attackers or is performing extensive scans of network packets.
The list goes on im afraid :(
It's all down to the process of elimination. Eliminate one potential cause and move onto the next.
|
Yumis
Amarr
Lupus Vires
Ultra Vires.
|
Posted - 2010.06.07 14:28:00 -
[8]
Edited by: Yumis on 07/06/2010 14:29:52
Monitoring ports (or other items on a smaller scale), nothing beats MRTG. Looking at what you asked for this will do the job, its easy to hook up into SNMP OIDs and the like :)
For monitoring much larger networks I like Netflow (choose your front end of choice.. my personal favourite Arbour PeakFlow)
|
Yumis
Amarr
Lupus Vires
Ultra Vires.
|
Posted - 2010.06.07 14:36:00 -
[9]
Im a bit of a Cisco geek, but if you have Cisco switches its worth getting NBAR up and running you can then see the protocol usage per port.
You can also configure the top talkers in Netflow which can offer similar functionality.
For a complete solution, tie it all together with IP SLA and EEM and the switch can send you an email when the latency goes above so many ms with outputs of who is using all the bandwidth and with what applications, but that's probably overkill 
|
Atari Sakura
Minmatar
Devious Decorum
|
Posted - 2010.06.07 14:47:00 -
[10]
Originally by: Jack Paladin
There is a good chance that you have already tried this but is the speed issue localised to a specific website?
Go to www.speedtest.net and run a bandwidth test.
Are all computers hard-wired or running on wireless? Wireless could explain the ****ty speeds if the signal quality is crap.
Have you been onto the ISP? Maybe they are performing infrastructure upgrades etc which is affecting performance?
Is it a dedicated line or is there a contention ratio?
Antivirus/Antispy upto date?
Does the network have a managed switch? You can use this to monitor the flow of data through the switches.
Being a software-for-service company I imagine they would have a beefy firewall protecting the network. This could also potentially be the reason for the slowdown if it is being targetted by attackers or is performing extensive scans of network packets.
The list goes on im afraid :(
It's all down to the process of elimination. Eliminate one potential cause and move onto the next.
Thanks for the advice, the first thing I started with was running the speakeasy speedtest, and we are getting the speeds we are paying for 9/10 times the test is run.
None of the computers are on wireless, all of them are wired and hooked up to a HP Procurve 2650 switch, most of them with Ethernet cable I made and tested, so I know that's good.
The Line is a dedicated T1, and we use Symantec corporate anti-virus, which pushes out updates to all the computers on the network, and alerts me if any computers are not up to date.
We do have a rather beefy firewall, I plan on hooking the default gateway to a hub, and connecting it to my laptop so I can run wireshark, and see if the issue is us being target by attackers, I can also go into the firewall settings to see if we are using deep packet inspection or not.
Originally by: Yumis
Edited by: Yumis on 07/06/2010 14:29:52
Monitoring ports (or other items on a smaller scale), nothing beats MRTG. Looking at what you asked for this will do the job, its easy to hook up into SNMP OIDs and the like :)
For monitoring much larger networks I like Netflow (choose your front end of choice.. my personal favourite Arbour PeakFlow)
Thanks! This program looks really good, and seems to be exactly what I'm looking for..
---
|
yfz3r0
Caldari
Perkone
|
Posted - 2010.06.07 23:56:00 -
[11]
Originally by: Atari Sakura
Originally by: Victor Valka
Kids these days...
Set up Wireshark on your gateway and have at it.
Oh well I thought it would go without saying that I've been using wireshark.... lol, sorry
I can't really monitor how much bandwidth a particular computer is using with wireshark though.... Can I?
You will want to setup a new column for Delta Times in Wireshark. If you notice any of the packets having a Delta Time of over 0.01 then you know that there is a problem. Have you checked the bandwidth issue on multiple computers? If not then do that. Also check packet Delta Times going to and from your gateway and make sure you run it on multiple computers. But yes, to answer your question you can indeed tell what computers are/aren't hogging the bandwidth with Wireshark using the Delta Times. Google it a bit for more details.
|
Tony C'dale
The Scope
|
Posted - 2010.06.08 11:26:00 -
[12]
We use What's up Gold for network monitoring, but it's a little pricey and bulky for a small network. For a free network monitor try using THE DUDE, I know it sounds cheesy but it works suprisingly well.
|
Pr1ncess Alia
Caldari
Perkone
|
Posted - 2010.06.08 14:50:00 -
[13]
Edited by: Pr1ncess Alia on 08/06/2010 14:52:51
i don't usually like answering this crap but i haven't been to work for months so why not...
i think your looking at your problem backwards unless you just failed to mention a couple things.
the real question is, when the speeds are slow what is the causing the slowness, right?
start by looking at the T1 itself. not the individual lan links.
-connections are slow for everyone. what is causing it?
first question should be can we find technical evidence of the symptom???
-can we find errors on ANY link we can see?/is their a corresponding increase in latency to destinations when browsing/transfer speeds slow?/is their a corresponding decrease in performance for LAN to LAN connections/transfers? these things should help you isolate the issue
as i've done this before i'm going to encourage you to start here:
-are we over-utilizing the T1?
if yes, then start looking at individual users. if no, then you likely either have a more complex issue on your ISP side or perhaps some easily missed issue on the lan itself (some link taking collisions that worsens with utilization or something stupid like that)
try to examine that t1 utilization as close to real time as you can get. many monitoring tools will pull data for Xtime and give you an average. usually this is good enough but...
a lot of people hear dedicated t1 and think their problems are over. a sad fact is a t1 is **** for a few users to clog up. it's fine and dandy for a steady dedicated connection, but it is 1.544mbps.
edit: if you suspect issues on the ISP side (and try to make sure before you open a case for them. nothing throws you on the bottom of the stack faster than crying wolf) you need to go to them with cold evidence of the issue. #'s, not symptoms. and never ever ever try to use a speed test site as your evidence. ISPs cannot attempt to troubleshoot or explain a 3rd party speed test site no to mention you really want to be testing multiple connections, not just one. instead ask them if they have any internal tools (iperf server?)
"A game that is significantly nonlinear is sometimes described as being open-ended or a sandbox, and is characterized by there being no "right way" of playing the game." |
| |
|
| Pages: [1] :: one page |
| First page | Previous page | Next page | Last page |