Category Archives: Network Management

Preventing Bandwidth Issues

First, a quiz: In the following scenario, do you think this is a network, device or application problem?

Users are continually experiencing garbled and choppy VoIP calls, Internet connections are slow, and you are receiving complaints of poor video quality.

If you answered network bandwidth issues, you are correct. With video becoming the primary data type on networks of all types, it’s a lot easier for networks to become strained and overused, and often by traffic that is not mission critical.

If you are consistently experiencing these problems, here are some helpful steps to take to prevent bandwidth issues.

Step 1: Create a baseline
It’s always important to know what your bandwidth needs are based on the number of users and the types of applications that are running on your network. Know who is using what, when, where, and why on each network segment. This will help you understand the overall demand on your network and allocate bandwidth appropriately. It will also allow you to quickly determine when network usage is exceeding norms.

If new applications, new users, or new devices are introduced, be sure to reevaluate your baseline usage.

Step 2: Prioritize critical business applications and tie baseline protocols and usage to those applications
Each network segment may have different protocol priorities because of the specific applications that traverse those segments. Top applications need to be handled according to their business importance on the segment they traverse.

That said, even if you prioritize your business applications, any protocol that is not performing well could affect overall application performance. In order to determine what application might be causing problems, it is essential to have a network analyzer that can break down and show individual flows and their performance. The network analyzer can provide visibility into the weakest link as well as options to sort application flows by various criteria.

Step 3: Use packet shaping technologies
Packet shaping allows you to prioritize certain network traffic, like key applications or real-time data (like VoIP) over other, less critical traffic on your network. For example, if you run an online store that is the backbone of your business, HTTP traffic to and from your web servers is critical. Packet shaping technology can give this traffic priority over everything else, ensuring the best possible user experience for your online customers.

Step 4: Prune your protocols/traffic
Most corporate networks carry unnecessary traffic that needlessly consumes precious network bandwidth. Check for protocols that may no longer be necessary on your network, or that could be network hogs, like SNMP, to determine if they still have a purpose or if they are being misused. If they are no longer mission critical, make sure your packet shaping technology treats this traffic with the lowest possible priority.

Along with continuously pruning your network, be sure to constantly monitor your network. The best monitoring solutions will allow you to archive packet data to disk, providing a complete recording of network activity. When your monitoring solution indicates problems, simply “rewind” your network to determine exactly what the issue is. Whether it’s a surge in web-based sales due to your latest promotion, or employees streaming the Stanley Cup playoffs, it’s up to you to know what your network can handle, and up to your network monitoring and analysis solution to let you know when bandwidth issues are about to occur.
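Steps 1 and 4 as an added example (not code from the original post): it builds a per-segment, per-protocol baseline from flow summaries, flags usage that exceeds the norm or has no baseline entry, and ranks protocols by their share of a segment's bytes. The flow records, protocol labels, and the `sigmas` and `floor` thresholds are constructed assumptions; in practice the records would come from your network analyzer's flow export.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow summaries: (segment, protocol, hour_of_day, bytes).
HISTORY = [
    ("voice", "rtp", 9, 40_000_000), ("voice", "rtp", 9, 44_000_000),
    ("voice", "rtp", 9, 42_000_000), ("office", "http", 9, 300_000_000),
    ("office", "http", 9, 320_000_000), ("office", "http", 9, 310_000_000),
    ("office", "snmp", 9, 2_000_000), ("office", "snmp", 9, 2_200_000),
    ("office", "snmp", 9, 2_100_000),
]
CURRENT = [
    ("voice", "rtp", 9, 43_000_000),
    ("office", "http", 9, 900_000_000),  # surge well above the norm
    ("office", "snmp", 9, 2_050_000),
    ("office", "rtmp", 9, 500_000_000),  # streaming, absent from the baseline
]

def build_baseline(history):
    """Step 1: mean and standard deviation per (segment, protocol, hour)."""
    buckets = defaultdict(list)
    for seg, proto, hour, nbytes in history:
        buckets[(seg, proto, hour)].append(nbytes)
    return {key: (mean(v), pstdev(v)) for key, v in buckets.items()}

def check_usage(baseline, current, sigmas=3.0, floor=0.10):
    """Flag flows that exceed the baseline or have no baseline entry."""
    findings = []
    for seg, proto, hour, nbytes in current:
        key = (seg, proto, hour)
        avg, sd = baseline.get(key, (None, None))
        if avg is None:
            findings.append((key, nbytes, "no-baseline"))
        # Allow at least `floor` of the mean so a flat history ignores noise.
        elif nbytes > avg + max(sigmas * sd, floor * avg):
            findings.append((key, nbytes, "exceeds-baseline"))
    return findings

def protocol_share(current, segment):
    """Step 4: each protocol's share of a segment's bytes, largest first."""
    totals = defaultdict(int)
    for seg, proto, _hour, nbytes in current:
        if seg == segment:
            totals[proto] += nbytes
    grand = sum(totals.values())
    return sorted(((p, b / grand) for p, b in totals.items()), key=lambda x: -x[1])

if __name__ == "__main__":
    print(check_usage(build_baseline(HISTORY), CURRENT), protocol_share(CURRENT, "office"))
```

A "no-baseline" finding is the cue from Step 1 to reevaluate the baseline, and the share ranking shows which protocols are candidates for the lowest shaping priority.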

WildPackets in the NOC

The world’s largest independent IT conference, Interop, could not run without its network, InteropNet. And InteropNet could not run without a group of volunteers and vendors that are selected each year to collaborate and run the expo’s network from the Network Operations Center (NOC).

This week, you will not only find us at Interop Las Vegas, but also our full range of Omnipliance solutions will be a part of the InteropNet!

Preparing for Interop
Being a part of the Interop NOC is challenging in several ways. First, you are working in a research and development environment that has the most advanced wired and wireless technologies.

Second – and maybe the most challenging – is that Interop vendors and attendees use as much bandwidth as possible to ensure that product demos go on without a hitch and to stay connected to the outside world via mobile devices. The number of devices deployed, as well as the bandwidth needed to run the show, makes operating a highly reliable, high-performance network a challenge and makes the ability to troubleshoot and quickly resolve issues a high priority. This is where our real-time analysis and network forensics on both wired and wireless networks will play a crucial role in both finding and diagnosing any problem.

For the last two weeks, we’ve been working with our fellow NOC vendors and volunteers to create a working infrastructure and to test our Omnipliances’ interoperability with the other products in the NOC. Together, we helped enable a seamless, end-to-end network application monitoring, analysis and troubleshooting solution that is ready for the show, although our work has just begun.

During Interop
The WildPackets Professional Services team will be watching the real-time health of all the network segments at Interop in a single view, ready to quickly troubleshoot any network issues. By leveraging our expert events and network forensic capabilities, we can easily detect any bandwidth hogs and maintain the high quality runtime of InteropNet.

For wireless, our Omnipliances will help validate the placement of access points and the signal strength. They will validate configuration and optimization changes that network engineers may make during the show. For example, these changes may include increasing the signal strength of an Access Point (AP), changing a directional antenna, changing what types of clients can connect, or even changing how often an AP will beacon. Also, the Omnipliances can easily detect and investigate BYOD issues when wireless devices are in motion to maintain the high quality wireless experience at InteropNet.

If you want to hear more about our participation at Interop, leave us a comment or come say hello at booth 2059. You can also tour the NOC on Wednesday and Thursday, May 8 and 9.

Best Practices for Capturing 802.11ac Traffic for Analysis

The traditional method used when capturing wireless data for analysis has been based on consumer-grade WLAN USB devices. In most enterprise networks, network engineers use USB 2.0-based WLAN adapters since this is what is typically available. However, with the increased speed of 802.11ac, this method becomes troublesome.

Why?

802.11ac introduces data rates that exceed 6Gbps – faster than most wired speeds. Even the most sophisticated USB devices based on USB 3.0 (the latest standard) have a theoretical bus speed of 5Gbps, with an effective rate of about 3.2Gbps. So even USB 3.0 does not provide sufficient performance for capturing peak 802.11ac data rates, and every packet counts when it comes to wireless analysis.

In order to effectively and efficiently capture your WLAN traffic for analysis, you’ll need to look to another device to help you – access points (APs). Using APs as packet capture devices is hugely beneficial because the APs in your network are typically specified to handle the most capable clients that will connect to your WLAN – guaranteeing that you’ll have the capacity to capture whatever traffic is on your WLAN.

Wireless packet capture from APs can be accomplished using two different, but similar, approaches. The first is using remote PCAP (RPCAP) and the second is using custom remote adapters.

Capturing Packets with Remote PCAP (RPCAP)
PCAP is the de facto standard for capturing packet data on a network (wired or wireless) and allows interaction with remote devices to capture packets. In order to capture data for analysis on a remote device, that device must be running the RPCAP daemon (rpcapd).

There are two modes that can be implemented when using RPCAP – a passive and an active mode. In active mode, the daemon tries to establish a connection to the analyzer; the analyzer then sends the appropriate commands to the daemon and starts the capture. This method requires the WLAN itself to have knowledge of when it wants to start an analysis session, and this is beyond the capability of most WLANs today, leaving the active mode as an interesting but mostly untapped capability of RPCAP, especially for wireless analysis.

For this blog, we’ll focus on the passive mode, which is the most common and the simplest. In passive mode, the analyst directs the analyzer to the devices to be used for packet capture by providing the IP addresses of the device(s). The analyzer then connects to the remote daemon and is provided a list of available interfaces that can be used for packet capture. The analyst then selects the interfaces of interest and starts a capture just as if that adapter were connected locally. All channel and band choices are made directly on the AP, or through the AP controller software.

Now, if you are interested in this type of capture method, your next step is to find access points that support RPCAP. This feature is not easy to find, as it is not necessarily a “marketed feature” by manufacturers. That said, we have already tested RPCAP for wireless analysis using several devices, including:

  • Aerohive: Model HiveAP 120
  • Ruckus: ZoneFlex 7363 (requires ZoneDirector Controller)

Many other AP manufacturers have told us that they also support RPCAP across most if not all of their AP offerings. If you know of other specific products with this capability, we’d love to hear about them.

Capturing Packets using Custom Remote Adapters
With custom remote adapters, the APs directly deliver data to the WLAN analysis software. This feature has been a part of WildPackets technology for a while and we have custom adapters to collect from Cisco, Aruba, and Meru APs. The process for developing a custom remote adapter is very similar to that of RPCAP, but it requires a little more interaction between network analysis software vendors and hardware equipment manufacturers. The tunnel used to send the packets between the AP and the analysis software is proprietary to each equipment vendor and therefore requires a “custom” adapter.

Now, in order to get this system set up, go into the controller software for your APs, pick either an AP or a radio, and put it into promiscuous mode. If an access point has multiple radios, you can put some in promiscuous mode and leave some in network mode so user connectivity is not affected. Most enterprise installations have sufficient wireless coverage so even if you take a few APs and put them in promiscuous mode, network performance will not be degraded. Once this configuration is done, you provide the controller with the IP address where your WLAN analysis software is running, and the AP immediately begins streaming packets to the analyzer. Now simply start your capture on the specific custom remote adapter and begin analyzing.

Remote adapters in general provide another benefit besides being capable of performing packet capture for the most demanding networks. They also allow analysts to capture packets for analysis anywhere in the network – worldwide – without leaving their desks. WLAN analysis requires that packets be captured within a few hundred feet of the area where the problem is being reported. There’s no way around this. Now that 802.11 technology has become so popular, problems can be happening anywhere, and it is not feasible to have an analyst close enough to every installation to be able to just walk over with the network analyzer and collect data. Remote adapters provide the flexibility to capture WLAN data anytime and anywhere.