Network Monitoring: A Practical Approach Philip Smith/IT Services University of Windsor March 21, 2003.

Slides:

Advertisements

Similar presentations

SYSTEM ADMINISTRATION Chapter 19

Advertisements

Operating Systems Concepts 1/e Ruth Watson Chapter 11 Chapter 11 Network Maintenance Ruth Watson.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

QoS Solutions Confidential 2010 NetQuality Analyzer and QPerf.

Firewalls and Intrusion Detection Systems

Monitoring a Large-Scale Network: Selecting the Right Tool Sayadur Rahman United International University & Network Manager, Financial Service.

Chapter Extension 7 How the Internet Works © 2008 Prentice Hall, Experiencing MIS, David Kroenke.

SYN Flooding: A Denial of Service Attack Shivani Hashia CS265.

Chapter 15 Chapter 15: Network Monitoring and Tuning.

Network Analyzer Example

Copyright © 2005 Department of Computer Science CPSC 641 Winter Network Traffic Measurement A focus of networking research for 20+ years Collect.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

Copyright Kenneth M. Chipps Ph.D. How to Use SNMP to Collect Network Data Last Update

Internet Basics.

Academic Network - retrospective. Academic Network – University of Montenegro MREN’s technical body is Center of Information System (CIS) of University.

Mohammed Saiyeedur Rahman.  E-commerce is buying and selling goods over the internet. This could include selling/buying mobile phones, clothes or DVD’s.

Advanced Networking for DVRs

Many of our customers are using this “Free” Utility. However there are some things that we need to communicate to our customers about how SpeedTest works.

1. 2 How do I verify that my plant network is OK? Manually: Watch link lights and traffic indicators… Electronically: Purchase a SNMP management software.

Hands-on Networking Fundamentals

FIREWALL Mạng máy tính nâng cao-V1.

Characterizing the Existing Internetwork PART 1

Net Optics Confidential and Proprietary Net Optics appTap Intelligent Access and Monitoring Architecture Solutions.

Computer Networking Part 1 CS 1 Rick Graziani Cabrillo College Fall 2005.

1 Root-Cause Network Troubleshooting Optimizing the Process Tim Titus CTO, PathSolutions.

How the Internet Works: What happens when information is sent from your computer?

What is FORENSICS? Why do we need Network Forensics?

1. There are different assistant software tools and methods that help in managing the network in different things such as: 1. Special management programs.

Wireless Network Management Mohammad Rasol Saidat.

Network Management Tool Amy Auburger. 2 Product Overview Made by Ipswitch Affordable alternative to expensive & complicated Network Management Systems.

1 Pieter Meulenhoff KPN Research ROOT2002 I-Mode Performance Monitoring Use of ROOT in telecommunications at KPN Pieter Meulenhoff.

Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.

Linux+ Guide to Linux Certification Chapter Fifteen Linux Networking.

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

workshop eugene, oregon What is network management? System & Service monitoring  Reachability, availability Resource measurement/monitoring.

Hour 7 The Application Layer 1. What Is the Application Layer? The Application layer is the top layer in TCP/IP's protocol suite Some of the components.

Chapter 6-2 the TCP/IP Layers. The four layers of the TCP/IP model are listed in Table 6-2. The layers are The four layers of the TCP/IP model are listed.

Mr C Johnston ICT Teacher BTEC IT Unit 05 - Lesson 05 Network Protocols.

The ProactiveWatch Monitoring Service. Are These Problems For You? Your business gets disrupted when your IT environment has issues Your employee and.

Linux Networking and Security

Application Layer Khondaker Abdullah-Al-Mamun Lecturer, CSE Instructor, CNAP AUST.

Graphing and statistics with Cacti AfNOG 11, Kigali/Rwanda.

Network Management Protocols and Applications Cliff Leach Mike Looney Danny Mar Monty Maughon.

CCNA4 v3 Module 6 v3 CCNA 4 Module 6 JEOPARDY K. Martin.

1 Root-Cause VoIP Troubleshooting Optimizing the Process Tim Titus CTO, PathSolutions.

Manchester University Tiny Network Element Monitor (MUTiny NEM) A Network/Systems Management Tool Dave McClenaghan, Manchester Computing George Neisser,

Monitoring Troubleshooting TCP/IP Chapter 3. Objectives for this Chapter Troubleshoot TCP/IP addressing Diagnose and resolve issues related to incorrect.

1 Microsoft Windows 2000 Network Infrastructure Administration Chapter 4 Monitoring Network Activity.

Term 2, 2011 Week 2. CONTENTS Communications devices – Modems – Network interface cards (NIC) – Wireless access point – Switches and routers Communications.

Chapter 8 Network Security Thanks and enjoy! JFK/KWR All material copyright J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking:

Network design Topic 2 Existing network infrastructure.

NetTech Solutions Protecting the Computer Lesson 10.

Confidential Rapid Troubleshooting for Data, VoIP, and Video VoIP Performance Manager.

Page 1 Monitoring, Optimization, and Troubleshooting Lecture 10 Hassan Shuja 11/30/2004.

1 Internet Traffic Measurement and Modeling Carey Williamson Department of Computer Science University of Calgary.

1 UNIT 13 The World Wide Web. Introduction 2 Agenda The World Wide Web Search Engines Video Streaming 3.

COURSE OUTLINE 1 Introduction(History) Key functions Interface analysis 2 Traffic Analysis/OSI Review Protocol Filtering 3 IP and port filtering Wireshark.

1 ** THE INTERNET ** Large, worldwide collection of networks that use a common protocol to communicate with each other A network of networks.

25/09/2016 INASP: Effective Network Management Workshops Unit 6: Solving Network Problems.

Hosted by Coach Slanina I Spy 1 Computer Devices On-lineI Spy

Instructor Materials Chapter 8: Network Troubleshooting

Lab 2: Packet Capture & Traffic Analysis with Wireshark

Hands-On Microsoft Windows Server 2008

TCP/IP Networking An Example

State of the University’s Internet Connection

Network Monitoring: A Practical Approach

Module 12 Network Configuration

Active Tests and Traffic Simulation: Module Objectives

Active Tests and Traffic Simulation: Module Objectives

Presentation transcript:

Network Monitoring: A Practical Approach Philip Smith/IT Services University of Windsor March 21, 2003

Agenda Campus Structure Benchmarking on Campus Tools on Campus Benchmarking off Campus Tools off Campus Questions and Answers

Campus Structure Core Router (Nortel Networks Passport 8610) 60+ Building Subnets (student + faculty) Computer Science and Engineering have their own networks Have two external connections Internet (Telus) at 15Mb/s + over subscription CAnet*4 (AT&T) at 155Mb/s Both connections use ATM

Campus Structure (Block Diagram)

Campus Structure (Graphical)

Benchmarking on Campus: Benchmarks FTP (TCP/IP download performance) TTCP (TCPIP upload performance)  Need to consider both upload and download because you could have a duplex problem. PERFORM3 (Novell performance)

Benchmarking on Campus: FTP FTP is a disk to disk transfer protocol  theoretically this could & does affect performance.  We drop the first FTP test to each server because the file is not cached. FTP benchmark is run against 3 servers at or near the network core. Key servers are:  Admin1 (administrative server/AIX-IBM UNIX)  Pdomain (campus FTP server/IRIX-SGI UNIX)  Zeus (Lotus Notes server/AIX)

Benchmarking on Campus: TTCP TTCP is a memory to memory transfer protocol  disk is NOT involved. TTCP benchmark is run against 4 servers at or near the network core. Key servers are:  Admin1 (administrative server/AIX-IBM UNIX)  Cronus (Lotus Notes server/NT)  Pdomain (campus FTP server/IRIX-SGI UNIX)  Zeus (Lotus Notes server/AIX)

Benchmarking on Campus: PERFORM3 PERFORM3 is Novell’s benchmark for networks that are 10Mb/s or more. While Novell is not used very frequently in Computer Science it is used a great deal elsewhere on campus. At one point (circa 2000) Novell traffic was 2/3 of our Network. Modified PERFORM3 to run faster; limit is to twelve operations at 16K intervals instead of at each 4K interval. Modified test takes 1-2 minutes compared to 5 minutes. Run PERFORM3 benchmark against all available Novell servers.

Benchmarks on Campus: Methodology Using Work Study labour, annually run all three benchmarks from each subnet in each building using a common laptop. Run 4 TTCP tests against each of the 4 TTCP server (4*4=16) Run 3 FTP tests against each of the 3 FTP servers (3*3=9); remember first test is discarded Run 2 PERFORM3 tests against each Novell server (2*~9=18)

Benchmarks on Campus: Summary Results of annual building tests available on line.  URL:  Click on Benchmark Database from left hand menu. Also contains benchmarks from some faculty and staff that have complained about their performance.

Tools on Campus Protocol Analyzer WhatsUp MRTG MRTG-UFFE NMS

Tools on Campus: Protocol Analyzer Device that lets you see packets on the wire Our tool is a Network Associates’ Sniffer Primarily a troubleshooting tool However, by capturing the data on a connection (e.g. uplink) over time you can collect key network statistics Flaw: It only does ONE connection at a time Protocol Analyzer measures packets

Tools on Campus: WhatsUp Monitors network devices (e.g. switches & routers) servers & server applications uses ICMP (ping) and TCP/IP ports If device responds server is deemed to be up Flaw: Just because the web server port opens on port 80 this does not necessarily mean the web server is working properly; it just means that the web server is up WhatsUp measures availability Uses drill down method (example to follow)

Tools on Campus: WhatsUp

Drilling down into Memorial Hall, there is something wrong with the UPS (top diagram) It looks like the UPS management is down (bottom diagram)

Tools on Campus: MRTG MRTG = Multi Router Traffic Grapher Monitors bits in and out of a network device (eg. Switch port, router port, NIC card) Using SNMP it queries the switch for port activity once every five minutes Keeps daily, weekly monthly and yearly statistics on that port Flaw 1: If there is a lot of usage then the device(s) attached to the port are running well. If usage is low then ???? Flaw 2: It monitors amount of bits not the number of packets. If you had a Denial of Service attack with a large number of small packets MRTG would not indicate a problem MRTG measures bandwidth Like WhatsUp, MRTG uses drill down method

MRTG example: Fully drilled down view of Passport to CS SSR Router

Tools on Campus: MRTG-UFFE MRTG-UFFE = MRTG’s User Friendly Front End Add on to MRTG Homegrown utility that documents the important (special, unusual, busy) connections on campus Hyperlinks to MRTG MRTG-UFFE measures connections

Tools on Campus: NMS NMS = Network Management System MRTG only measures bits in (received) and out (transmitted) Only 2 of 34 parameters on the switch port Future Project

Benchmarks off Campus Mostly a new area of focus Have been monitoring using Protocol Analyzer, WhatsUp & MRTG Size of Internet Pipe growing yearly by about 2Mb. Recently we have also been monitoring using BroadBandReports.com

Benchmarks off Campus: WhatsUp

Benchmarks off Campus: MRTG

Benchmarks off Campus: BroadBandReports.Com

Tools Off Campus Protocol Analyzer WhatsUp MRTG BroadBandReports.com Internet Monitors

Tools Off Campus: Internet Monitors Internet Health Report   Measures Latency (TCP Open) Between Major U.S. carriers. Internet Traffic Report   Measures Latency (ICMP Echo) & Packet loss between selected routers world wide. Internet Average   Measures Latency, Packet Loss, and Reachability between thousands of servers and routers around the world. (Most Comprehensive)

Question & Answers Thanks for your attendance Philip Smith’s Network Performance site: