Network, Server, or App? Chris Greer

Slides:

Advertisements

Similar presentations

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 OSI Transport Layer Network Fundamentals – Chapter 4.

Advertisements

B5 – TCP Analysis - First Steps Jasper Bongertz, Senior Consultant Airbus Defence and Space.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 13 Introduction to Computer Networks.

CPSC Tutorial: TCP 101 r The Transmission Control Protocol (TCP) is the protocol that sends your data reliably r Used for , Web, ftp, telnet,

Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Computer Networks Transport Layer. Topics F Introduction  F Connection Issues F TCP.

Networking Solutions Chapter 2 – The OSI Model. The Layered Approach Similar to a company like ◦ Advantages ◦Divides the network into ◦Multiple vendors.

Copyright © 2005 Department of Computer Science CPSC 641 Winter Tutorial: TCP 101 The Transmission Control Protocol (TCP) is the protocol that sends.

Error Checking continued. Network Layers in Action Each layer in the OSI Model will add header information that pertains to that specific protocol. On.

1 Lab 3 Transport Layer T.A. Youngjoo Han. 2 Transport Layer  Providing logical communication b/w application processes running on different hosts 

ISO Layer Model Lecture 9 October 16, The Need for Protocols Multiple hardware platforms need to have the ability to communicate. Writing communications.

Introduction to Wireshark Making Sense of the Matrix

3: Transport Layer 3a-1 8: Principles of Reliable Data Transfer Last Modified: 10/15/2015 7:04:07 PM Slides adapted from: J.F Kurose and K.W. Ross,

Transport Layer Natawut Nupairoj, Ph.D. Department of Computer Engineering Chulalongkorn University.

Lecture Week 4 OSI Transport Layer Network Fundamentals.

Sharing the Network It slices, it dices, it sequences ….. All of this and error checking too!

Transport over Wireless Networks Myungchul Kim

Networking Fundamentals. Basics Network – collection of nodes and links that cooperate for communication Nodes – computer systems –Internal (routers,

TCP – Tips and Case Studies. Presenter – Chris Greer Packet Pioneer LLC Network Analyst - WCNA Training and Professional Services Network and application.

TCP/IP. The idea behind TCP/IP is exactly the same we explained about the OSI reference model: when transmitting data, programs talk to the Application.

CPSC TCP Plots r Slides originally from Williamson at Calgary r Minor modifications are made.

Networking (Cont’d). Congestion Control l Is achieved by informing nodes along a route that congestion has occurred and asking them to reduce their packet.

Represented BY:- Allauddin Ahmad.  What it is?  OSI model.  History.  Objectives.  Encapsulation and decapsulation.  Multiplexing and demultiplexing.

Chapter 3: The Data Link Layer –to achieve reliable, efficient communication between two physically connected machines. –Design issues: services interface.

Network Congestion Control HEAnet Conference 2005 (David Malone for Doug Leith)

TCP over Wireless PROF. MICHAEL TSAI 2016/6/3. TCP Congestion Control (TCP Tahoe) Only ACK correctly received packets Congestion Window Size: Maximum.

Airmail: A Link-layer Protocol for Wireless Networks

Distributed Systems 11. Transport Layer

Application Layer Functionality and Protocols Abdul Hadi Alaidi

Real World Case Studies

Wireshark Tutorial KUAS, Hao-Xiang Gu.

Solving Real-World Problems with Wireshark

Computer Communication & Networks

Ch 16 Protocols and Layering

Approaches towards congestion control

Pass Your Cisco Exam with 100% Passing Guarantee by Exams4sure

TCP Tips, Tricks, and Traces

The Packet A(nalysis)-Team

COMP 431 Internet Services & Protocols

588 Section 3 Neil Spring April 20, 1999.

Network Fundamentals – Chapter 4

Chapter 3 outline 3.1 Transport-layer services

Data Link Layer What does it do?

Magda El Zarki Professor, ICS UC, Irvine

Internet and Intranet Protocols and Applications

Packet Sniffing.

Networking CS 3470, Section 1 Sarah Diesburg

TCP Sequence Number Plots

CSE 4340/5349 Mobile Systems Engineering

Flow and Congestion Control

Overview Jaringan Komputer (2)

Process-to-Process Delivery:

The Future of Transport

IT351: Mobile & Wireless Computing

Chapter 6 TCP Congestion Control

CS4470 Computer Networking Protocols

8: Principles of Reliable Data Transfer

Introduction and Overview

Networking CS 3470, Section 1 Sarah Diesburg

Networking CS 3470, Section 1 Sarah Diesburg

Computer Networking A Top-Down Approach Featuring the Internet

The Transport Layer Reliability

Transport Layer: Congestion Control

Chapter 3 outline 3.1 Transport-layer services

Process-to-Process Delivery: UDP, TCP

TCP flow and congestion control

Computer Networks Protocols

Office 365 Performance Management

Error Checking continued

Presentation transcript:

Network, Server, or App? Chris Greer Undoing the Network Blame Game and Getting to the Real Root Cause of Slow Application Performance Chris Greer Network Analyst | Packet Pioneer LLC

Presenter Chris Greer chris@packetpioneer.com Twitter: @packetpioneer YouTube: packetpioneer Network Analysis and Troubleshooting

Sick of blame?

Start with the transport layer to divide the OSI in half. APPLICATION PRESENTATION SESSION TRANSPORT NETWORK DATA LINK PHYSICAL

What Should I look for when troubleshooting “slow’? Wireshark has some great error events to flag TCP problems. Use the tcp.analysis.flags filter to spot them quickly, or the intelligent slide bar.

What TCP Events are Flagged? TCP Retransmissions TCP Out-of-Orders Duplicate Acks Zero Windows Those are the big ones.

Example 1: Slow Web Download.pcap Make sure to add a delta time column as well as a TCP Conversation Timer.

Investigate Those Retransmissions Don’t assume that retransmissions equal network packet loss in all cases. Scenario:

Make sure you don’t over-filter When working to understand the root cause of retransmissions, make sure not to over-filter the trace. Dig until you understand it.

TCP Window Problems Open Example 3_TCP Window Problem.pcap

TCP Keep Alives These may look bad – but are they? Open Example 4_Slow Web Application.pcap

TCP Delayed ACKs This is the default behaviour of many TCP Stacks. Open Example 5_Delayed ACKs.pcap

Questions? Thanks for coming! Don’t forget to review.

Presenter Packet Pioneer LLC Network Analyst - WCNA Training and Professional Services Network and application performance analysis www.lovemytool.com www.packetpioneer.com

Why TCP? Important stuff uses it. Some problems “hide” at this layer. Key to isolating problem domain. Few take responsibility for it.

When a problem strikes Network engineers check network interfaces, utilization levels, link errors and the wireless environment They want to prove it’s not the network. APPLICATION PRESENTATION SESSION TRANSPORT NETWORK DATA LINK PHYSICAL

When a problem strikes Server and Application support people may check error logs and server resources to see if the issue is theirs. APPLICATION PRESENTATION SESSION TRANSPORT NETWORK DATA LINK PHYSICAL

What if the problem is in the middle. Or What if the problem is in the middle? Or.. What if you could use the transport layer to find the real root cause? APPLICATION PRESENTATION SESSION TRANSPORT NETWORK DATA LINK PHYSICAL

What should I look for in traces? Wireshark has some great error events to flag TCP problems. Use the tcp.analysis.flags filter to spot them quickly, or the intelligent slide bar.

What TCP events are flagged? TCP Retransmissions TCP Out-of-Orders Duplicate Acks Zero Windows Those are the big ones.

Example 1:TCP Retransmission.pcap

What causes retransmissions? Packet Discards FCS/CRC Errors Cable/Interface hardware errors. Those are the big ones.

Make sure you don’t over-filter When working to understand the root cause of retransmissions, make sure not to over-filter the trace. Dig until you understand it. TCPRetransFromARPS.pcap

TCP Window Problems Open Example 3_TCP Window Problem.pcap

TCP Keep Alives These may look bad – but are they? Open Example 4_Slow Web Application.pcap

TCP Delayed ACKs This is the default behaviour of many TCP Stacks. Open Example 5_Delayed ACKs.pcap

Questions? Thanks for coming! Don’t forget to review.