Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Monitoring Traffic and Calculating Bandwidth 1

Status
Not open for further replies.
ElijahBaley

ElijahBaley

IS-IT--Management
May 4, 2001
1,598
GB

Hi

I need to learn the industry standard procedures for monitoring existing infrastructures and the calculations and or tools used to plan for expansions, upgrades etc - in a hurry!

If anyone could offer some answers, I would greatly appreciate it

1)Monitoring Existing Infrastructures.

What do engineers in the field use to monitor and diagnose such things as bottlenecks, broadcast storms, faulty NIC's -I suppose in a well designed, and documented modern switched Ethernet some of these problems will not occur, but what happens if you go to a large site with multiple segments and no documentation that are reporting all kinds of problems all over the Ethernet - where do you start!

2)Expansions & Upgrades

What are the techniques used to calculate what will be required when a company buys another floor in a building and wishes to expand a department into it.

I am aware of the physical limitations of Ethernet and the advantages of subnetting at Layer 3, but are there some golden rules that professionals follow like clockwork when designing upgrades?

I hope from this you can see what I am after, I am looking for the real-world techniques that are used by design and implementation engineers. I am going to have to learn these same skills applied to WAN links as well but I will take that up in another section.

Thanks for your help!






..EB (Plainclothesman)
 
Sort by date Sort by votes
Hi EB,

If there are any "industry-standard" network monitoring methods, I am not aware of them: just general guidelines.

First of all, if the network you're walking into is undocumented, that will be your first order of business. Nothing else will make sense until you know the topologies you're facing, is it a switched or shared environment, and the products.

A tool that may take some of the leg/grunt/guess-work out of this is 3com's Network Supervisor. The basic version is available for just the hassle of registration. It will discover your network and try to group your nodes according to the switches/hubs they're attatched to. If your infra-structure happens to be 3com, it works great: it even gives you the port and unit number devices are connected to and the speed/duplex settings. If the infra-structure is another vendor, it does the best it can, and can still be helpful for getting the overview.

Once you get the 50,000 ft view, you'll need to verify as much as possible: especially where the uplinks are and what their capacities are (10/half, 100/full, gig etc) and who's connected to who. You'd better start drawing up a map.

You'll also need to find out about existing VLANs etc. It's going to mean a lot of logging into the network devices and reviewing configurations.

Once you know how the network is segmented, you can start thinking about looking at traffic patterns on the different segments. This is a little tougher in a switched environment than a shared environment. This is a good place to have a decent management package. I use Network Instruments Observer, which is a servicable product. It can loop through the ports of most switches and give you a good over-all view of the traffic on each. Placing probes at a couple strategic points of the network, with a roving probe you can move around, can give you a pretty good look at your traffic patterns. Such packages also usually come with error detection, broadcast storm detection, etc. There are lots of other packages out there. I won't carry forward with that discussion as you didn't mention what, if anything, you had available to you.

If you have no software or hardware management tools or sniffers, you'll have to start with stats available on the network devices. Start at the center of the network (presumably there will be some sort of central network switch) and view the statistics for it's ports. Pick out any that have a lot more traffic than the average, or that show errors, and start following those through the network to see who they're supporting and where all of the traffic is comming from. If a lot of errors are showing, try to follow them through the workgroup devices to specific ports - usually the port with the highest counts will be the source, although switch settings can disguise the guilty parties by passing errored packet through and making everyone look guilty.

Ultimately, it's going to be about becoming familiar with your traffic patterns. There are no concrete rules that say "traffic levels less than 10% are ok". It depends on your topology and your applications. If your users are complaining that things are slow at 15% utilization, you have to fix it regardless. If you're running 40% on a switched segment and no one is complaining, all you have to worry about is future growth.

As far as expansion goes,as in the instance of expanding to a new floor. It's going to be the same groceries. First you'll have to find out who is going into the new section, how many ports they represent, what the current traffic patterns of those users are. Then you'll need to find out what existing infra-structure is available, if any. If you have to provide cabling and all, then the size of the area and the distance from the center of your network have to be examined, the ole 100 meter rule. If you have long distances to contend with you'll need fiber, otherwise, CAT-5E or CAT-6. Selection of links from workgroup switches, how many links per stack, how many ports per stack, etc are going to depend on the traffic patterns you noted for the people going into the new areas.


I realize this information is very general. Without more detailed information, it must be. Also, I apologize if I'm providing information that is too basic. You didn't specify your degree of experience.
 
Upvote 0 Downvote
Thanks for your detailed reply, I very much appreciate it - my situation is that I have always worked in very small LAN environments where there is generally not much need for packet sniffers.protocol analysers etc, PING and logic usually do the trick!

However I am desperate to get to work in multi-segmented environments. So I am on a mission to learn as much as I can about how people in the real world go about their business in larger environments.

Cheers



..EB (Plainclothesman)
 
Upvote 0 Downvote
Three tools that provide a good look at what is going on with your network are:

MRTG - Iperf - Ethereal -
MRTG - Multi-Router Traffic Grapher - This is a great tool for looking at the traffic patterns on your network. It includes a configuration builder that will walk the SNMP MIBs on your network devices and build a configuration file. It uses PERL scripts that are run every 5 minutes to create utilization graphs. With a little work, you can pretty much graph any SNMP value, plus a lot more.

Iperf - Command line based throughput measurement tool - Used this twice yesterday to solve throughput problems for customers. One of them had two Dell servers plugged into a Cisco switch. Backups were taking forever to run and users were complaining about network slowdowns. Running Iperf between two of the servers showed we were only getting 497 kbps over the 100Mbps connection. After trying EVERY combination of Auto detect and forcing duplex and speed, we had to move the server connections to another switch. Major problems trying to use the NICs in these servers with this switch. I am going to stop back by the customer today to get the details as far as cards and switch model go. I will update this thread when I have the detailed info. Iperf showed that when we moved to the new switch, the throughput went up to 92Mbps.

Ethereal - Software based protocol analyzer - Great analyzer to get started with. Comprehensive filtering and decode capabilities. The ability to re-assemble data and graph TCP conversations is very good also.

These are great tools to get started with. If you want to start spending money, these are the tools I always bring with me when I go to client sites:

Fluke Networks OptiView Integrated Network Analyzer
Fluke Networks Protocol Expert
Ipswitch What's Up Gold
Ixia Chariot
Compuware Appliation Vantage
Compuware Network Vantage
Fluke Networks NetTool
Shunra Storm
SolarWinds

The free tools help you to appreciate the features that the tools for $ give you.

mpennac
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DrB0b
  • Locked
  • Question
Industrial Tech question - Cable to pass DC voltage and serial comm 1
Replies
4
Views
184
DrB0b
DrB0b
carolinamw
  • Locked
  • Question
Trying to connect two Trendnet Ti-pg1284i switches via fiber and sfp modules.
Replies
1
Views
106
BOKA
BOKA
Roobbb
  • Locked
  • Question
T1 on avaya pbx that show errors only when there is traffic
Replies
0
Views
131
Roobbb
Roobbb
Sumera78630
  • Locked
  • Question
How to See the Bandwidth of over all network
Replies
1
Views
95
VinceWhirlwind
VinceWhirlwind
Hungster
  • Locked
  • Question
track down bandwidth usages
Replies
0
Views
48
Hungster
Hungster

Part and Inventory Search

Sponsor

Back
Top