Sample Network Analysis Report



Similar documents
Applications. Network Application Performance Analysis. Laboratory. Objective. Overview

Network Analysis Report

Data Networks Summer 2007 Homework #3

Mike Canney Principal Network Analyst getpackets.com

COMP 3331/9331: Computer Networks and Applications. Lab Exercise 3: TCP and UDP (Solutions)

Monitor network traffic in the Dashboard tab

Improving Effective WAN Throughput for Large Data Flows By Peter Sevcik and Rebecca Wetzel November 2008

Troubleshooting TCP/IP Networks with Wireshark

Application Level Congestion Control Enhancements in High BDP Networks. Anupama Sundaresan

Troubleshooting Tips and Tricks

Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation

Cover. White Paper. (nchronos 4.1)

High-Speed TCP Performance Characterization under Various Operating Systems

Effects of Filler Traffic In IP Networks. Adam Feldman April 5, 2001 Master s Project

Frequently Asked Questions

Simulation-Based Comparisons of Solutions for TCP Packet Reordering in Wireless Network

CS551 End-to-End Internet Packet Dynamics [Paxson99b]

Effect of Packet-Size over Network Performance

Network Security: Workshop. Dr. Anat Bremler-Barr. Assignment #2 Analyze dump files Solution Taken from

First Midterm for ECE374 03/24/11 Solution!!

Visualizations and Correlations in Troubleshooting

Expert Reference Series of White Papers. Troubleshooting Slow Networks with Wireshark

B-2 Analyzing TCP/IP Networks with Wireshark. Ray Tompkins Founder of Gearbit

Mike Canney. Application Performance Analysis

Transport Layer Protocols

Advanced Computer Networks Project 2: File Transfer Application

Protocols. Packets. What's in an IP packet

Ethernet. Ethernet. Network Devices

Network Probe. Figure 1.1 Cacti Utilization Graph

Basic Networking Concepts. 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet

ITL Lab 5 - Performance Measurements and SNMP Monitoring 1. Purpose

Edge Configuration Series Reporting Overview

Solution of Exercise Sheet 5

Top 10 Tips for z/os Network Performance Monitoring with OMEGAMON Session 11899

DDoS attacks on electronic payment systems. Sean Rijs and Joris Claassen Supervisor: Stefan Dusée

Prefix AggregaNon. Company X and Company Y connect to the same ISP, and they are assigned the prefixes:

First Midterm for ECE374 02/25/15 Solution!!

Chapter 5. Transport layer protocols

Large-Scale TCP Packet Flow Analysis for Common Protocols Using Apache Hadoop

Voice over IP. Demonstration 1: VoIP Protocols. Network Environment

NetView for z/os V6.1 Packet Trace Analysis

How Voice Calls Affect Data in Operational LTE Networks

Top 10 Tips for z/os Network Performance Monitoring with OMEGAMON Ernie Gilman

Names & Addresses. Names & Addresses. Hop-by-Hop Packet Forwarding. Longest-Prefix-Match Forwarding. Longest-Prefix-Match Forwarding

Com.X IP PBX The complete communications solution in a box

TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) Internet Protocol (IP)

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1)

Outline. TCP connection setup/data transfer Computer Networking. TCP Reliability. Congestion sources and collapse. Congestion control basics

2 TCP-like Design. Answer

Per-Flow Queuing Allot's Approach to Bandwidth Management

Pig Laboratory. Additional documentation for the laboratory. Exercises and Rules. Tstat Data

CS268 Exam Solutions. 1) End-to-End (20 pts)

VPN over Satellite A comparison of approaches by Richard McKinney and Russell Lambert

D1.2 Network Load Balancing

TCP Offload Engines. As network interconnect speeds advance to Gigabit. Introduction to

TCP Performance Management for Dummies

TCP in Wireless Mobile Networks

Operating Systems and Networks Sample Solution 1

Wireshark Lab: HTTP SOLUTION

A Passive Method for Estimating End-to-End TCP Packet Loss

Improved Digital Media Delivery with Telestream HyperLaunch

The Data Replication Bottleneck: Overcoming Out of Order and Lost Packets across the WAN

Capturing Network Traffic With Wireshark

EonStor DS remote replication feature guide

Key Components of WAN Optimization Controller Functionality

IP Subnetting and Addressing

White Paper. Accelerating VMware vsphere Replication with Silver Peak

Computer Networking LAB 2 HTTP

QoS (Quality of Service)

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

COMP 361 Computer Communications Networks. Fall Semester Midterm Examination

[Prof. Rupesh G Vaishnav] Page 1

SAN/iQ Remote Copy Networking Requirements OPEN iscsi SANs 1

Using Linux Traffic Control on Virtual Circuits J. Zurawski Internet2 February 25 nd 2013

Application-Centric Analysis Helps Maximize the Value of Wireshark

Computer Networks - CS132/EECS148 - Spring

Lecture 15: Congestion Control. CSE 123: Computer Networks Stefan Savage

LESSON Networking Fundamentals. Understand TCP/IP

15-441: Computer Networks Homework 2 Solution

Security Labs in OPNET IT Guru

Network performance and capacity planning: Techniques for an e-business world

ICOM : Computer Networks Chapter 6: The Transport Layer. By Dr Yi Qian Department of Electronic and Computer Engineering Fall 2006 UPRM

DNS (Domain Name System) is the system & protocol that translates domain names to IP addresses.

WOPR 12 Resource Monitoring During Performance Testing

(Refer Slide Time: 02:17)

Top 10 Tips for z/os Network Performance Monitoring with OMEGAMON. Ernie Gilman IBM. August 10, 2011: 1:30 PM-2:30 PM.

Internet Packets. Forwarding Datagrams

High Speed Internet Access Using Satellite-Based DVB Networks

Performance Comparison of SCTP and TCP over Linux Platform

Lab Exercise Objective. Requirements. Step 1: Fetch a Trace

Bandwidth Aggregation, Teaming and Bonding

EKT 332/4 COMPUTER NETWORK

Deploying Silver Peak VXOA with EMC Isilon SyncIQ. February

TCP over Wireless Networks

The ISP Column A monthly column on all things Internet

Lab Exercise SSL/TLS. Objective. Requirements. Step 1: Capture a Trace

CTS2134 Introduction to Networking. Module 07: Wide Area Networks

(A) Performance Indicators (For Compliance 1 ) QoS Standards (1) Network Availlability 2 > 99.9% (2) Network Latency (for round-trip) [see *]

ECSE-6600: Internet Protocols Exam 2

La couche transport dans l'internet (la suite TCP/IP)

Transcription:

Sample Network Analysis Report Report Information Report created on 1/9/2014 9:35:19 PM. Analyst Information Name Sample Analysis Report E-mail Address info@chappellu.com Phone Number 408-378-7841 Client Information Client Name Chappell University Case Number 03A543

Table of Contents IP Conversations 3 IP Conversations 4 Bandwidth Over Time 5 Bytes per Second 6 Bits per Second 7 Packets per Second 8 Bandwidth Over Time (2) 9 Bytes per Second 10 Bits per Second 11 Packets per Second 12 TCP Errors Overview 13 TCP Errors Over Time 14 Total TCP Errors Relative Number of Errors 15

IP Conversations Conversations among IP hosts Applied on 1/9/2014 9:27:10 PM. Total capture window: 11/15/2013 18:03:00.533697-18:04:30.533697. Current selection: 11/15/2013 18:03:00.533697-18:04:30.533697 (90 s at 1 sec). Source File: C:\Users\Laura\Documents\Customer Projects\Case 03A543\tr-twohosts.pcapng File Time: 12/31/2013 4:03:25 PM File Size: 54525KB Checksum ():

IP Conversations VIEW NOTES: IP host conversations. The size of the host is relative to the amount of data it has transmitted. The size of each connection is relative to how much traffic it has transported between the two endpoints (hosts). OTHER NOTES: This trace file contains two conversations. We have two internal hosts that are downloading a file from a remote host. In this report we will refer to the local hosts by the last two bytes of their IP addresses - 1.72 and 1.119. We will refer to the remote server as simply "the remote server." Figure 1 - IP Conversations

Bandwidth Over Time Total bandwidth over time Applied on 1/9/2014 9:29:24 PM. Total capture window: 11/15/2013 18:03:43.415340-18:04:30.415340. Current selection: 11/15/2013 18:03:43.415340-18:04:30.415340 (47 s at 1 sec). Source File: C:\Users\Laura\Documents\Customer Projects\Case 03A543\tr-twohosts.pcapng File Time: 12/31/2013 4:03:25 PM File Size: 54525KB Checksum (): Drilldown Sequence: 1. Applied the view "IP Conversations" 2. Performed a Conversation selection on the "IP Conversations" Conversation Ring. Details: Selected: 200.236.31.1-192.168.1.119 3. Applied the view "Bandwidth Over Time"

Bytes per Second The number of bytes per second. Figure 2 - Bytes per Second

Bits per Second VIEW NOTES: The number of bits per second. This enables an at-a-glance view of the total bandwidth used as well as a detailed look in single second precision. OTHER NOTES: We applied this "Bandwidth Over Time" view to the traffic to/from 1.119. We can see the throughput reaches 18 Mbps. There are numerous significant drops, however. We will compare this to the throughput graph for traffic to and from 1.72 next. [We used the right-click drilldown method to create this new view.] Figure 3 - Bits per Second

Packets per Second The number of packets per second. This view when compared to the bits/bytes view above allows the user to visually identify when many small packets are generating the traffic or if it is a few larger packets. Figure 4 - Packets per Second

Bandwidth Over Time (2) Total bandwidth over time Applied on 1/9/2014 9:30:43 PM. Total capture window: 11/15/2013 18:03:00.533697-18:04:02.533697. Current selection: 11/15/2013 18:03:00.533697-18:04:02.533697 (62 s at 1 sec). Source File: C:\Users\Laura\Documents\Customer Projects\Case 03A543\tr-twohosts.pcapng File Time: 12/31/2013 4:03:25 PM File Size: 54525KB Checksum (): Drilldown Sequence: 1. Applied the view "IP Conversations" 2. Performed a Conversation selection on the "IP Conversations" Conversation Ring. Details: Selected: 200.236.31.1-192.168.1.72 3. Applied the view "Bandwidth Over Time (2)"

Bytes per Second The number of bytes per second. Figure 5 - Bytes per Second

Bits per Second VIEW NOTES: The number of bits per second. This enables an at-a-glance view of the total bandwidth used as well as a detailed look in single second precision. OTHER NOTES: Interestingly the maximum throughput rate is lower in this IP conversation than the IP conversation to/from 1.119. We can see the consistency of this throughput during the file download to 1.72. Next we want to look further into the 1.119 views to determine if we are dealing with a network issue. [We used the right-click drilldown method to create this new view.] Figure 6 - Bits per Second

Packets per Second The number of packets per second. This view when compared to the bits/bytes view above allows the user to visually identify when many small packets are generating the traffic or if it is a few larger packets. Figure 7 - Packets per Second

TCP Errors Overview TCP Errors Overview Applied on 1/9/2014 9:32:45 PM. Total capture window: 11/15/2013 18:03:43.415340-18:04:30.415340. Current selection: 11/15/2013 18:03:43.415340-18:04:30.415340 (47 s at 1 sec). Source File: C:\Users\Laura\Documents\Customer Projects\Case 03A543\tr-twohosts.pcapng File Time: 12/31/2013 4:03:25 PM File Size: 54525KB Checksum (): Drilldown Sequence: 1. Applied the view "IP Conversations" 2. Performed a Conversation selection on the "IP Conversations" Conversation Ring. Details: Selected: 200.236.31.1-192.168.1.119 3. Applied the view "TCP Errors Overview"

TCP Errors Over Time VIEW NOTES: The number of TCP errors per second, charted over time. OTHER NOTES: This TCP Errors Overview screams that "packet loss" is the issue. Notice the pattern matches the dips in the throughput (Bandwidth Over Time) graph. Our 1.119 host is downloading a file and it appears that significant packet loss occurs during the process. Our host supports Fast Recovery (hence the Duplicate ACKs), but this cannot overcome the throughput problems caused by packet loss. We will look inside the Duplicate ACKs to see if the client is at least using SACK (119DupeACKs.pcapng). [We used the right-click Send to Wireshark from the Total TCP Errors screen to just grab those packets.] We also notice that there are only 454 Lost Segment indications, but over 1,000 Retransmissions. This means that we lost multiple segments in a row - complete outages rather than just single packets being dropped here and there. This is of concern since 99.99999% of the time packet loss occurs at an infrastructure device. This trace indicates that likely an infrastructure device is failing fast. We need to find out if it is one of ours and replace it asap. NEXT STEP: We need to capture traffic at the ingress point of our network to determine if the packet loss is occurring internally or externally. If we see the original packets AND Retransmissions in that trace file then we have a problem internally... packet loss has not occurred yet. If we only see the Retransmissions, then the problem is external to our network. Figure 8 - TCP Errors Over Time

Relative Number of Errors The relative number of occurrences of the different TCP errors in the period under observation. Figure 10 - Relative Number of Errors

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information