General discussion


Network Packets

By robert_onyuma ·
What utilities/softwares can i deploy to monitor network packets from NICs in 100 pcs from one central location...My client is experiencing slower network traffic and the situation is getting worse by the day.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by jcreaghan In reply to Network Packets

I like to use Ethereal...and it's free.

In a switched network environment, make sure you are able to select one port for mirroring. You need it to view all packets, otherwise you'll only see the broadcast and multicast traffic, no unicast without it.

Collapse -

by douglas In reply to Network Packets

Ethereal is free, but only offers decode and post capture statistics. I use Observer, one of the many "for charge" analyzers. The for charge products offer more statistics, and at the higher end offer problem identification through expert analysis (this is a feature that scans through captures and tries to identify problems).

Monitoring 100 systems can offer some challenges with respect to switch span ports. A span port by its nature can only send X amount of data (100 Mbs usually) and the 100 systems may generate in aggregate more data that the span port can handle. In that case the switch will drop packets.

I like to only span the port of the server in question or send all the spaned ports to a faster port than the original systems are on. For example if the original ports are 100Mbs, span them to a 1000Mbs port.

Related Discussions

Related Forums