Learn how to speed up wired and wireless networks, identify and manage bottlenecks and get everything running like clockwork
Diagnose network bottlenecks
Ethernet networks can run without any problems for a long time. But a disaster can occur without warning, debilitating an underequipped network.
One danger is a broadcast storm, in which a defective or misconfigured network device forces your network to shut down by flooding it with traffic. A malware-infected computer that sends a barrage of email or tries to replicate to computers on the network or internet is another potential headache. As well as slowing down everything on the network, it's likely to create friction with your ISP.
Another common complaint is resource-hungry users, applications or services using up all the bandwidth to stream video or download huge files.
Identify the problems
Wireshark is a user-friendly freeware tool that allows you to identify bandwidth hogs. It can also warn you of an email account that's barraging others with messages, suggesting a possible malware infestation.
The tool captures network packets, analyses them and displays detailed packet data. Download the version you need from the site. When you run the installer (the file is approximately 77MB) you may be prompted to install WinPcap at the same time. Click the 'What is WinPcap?' button for details of its functions.
Now you need to identify the traffic you're monitoring. Plug a PC running Wireshark into any available switch port and you'll see only traffic to and from your system and broadcast/multicast traffic - interesting, but not always useful.
To monitor traffic from an ethernet port other than the one your PC is plugged into, you need to mirror your ports. You may want to check on the port for your internet connection, for example. Consult your router documentation for specifics; there may be a simple browser interface to do so, as there was on our 24-port Netgear switch.
Next, let's capture some network traffic. Click Capture, Options and select the correct interface; to focus on a specific type of traffic, choose Capture Filter and select or create a filter. You can specify a time period or amount of data Wireshark should collect by ticking the appropriate Stop Capture box and selecting a suitable drop-down menu value. If you let Wireshark run for an extended period of time, file sizes can become unmanageably large. Now click Start, and you'll see traffic flowing in real time. Press Stop to end data capture.
Now you need to interpret the data. If you're investigating a network slowdown, you'll want to pinpoint the source of traffic. Choose Statistics, Conversations and select the IPv4 tab; from there, you can sort by such criteria as 'Bytes' (to pinpoint a PC that's generating too much traffic). To search for a particular type of traffic, click Analyze, 'Enabled protocols', and tick the protocols you want.
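The same view as Statistics, Conversations sorted by 'Bytes' can be produced outside the GUI. The script below is an added example, not part of the original article: it reads a capture in the classic pcap format (not pcapng) and totals bytes per IPv4 address pair. The sample capture, its addresses and the function names are constructed for illustration.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address

def build_sample_pcap():
    """Constructed capture: three Ethernet/IPv4 frames, not real traffic."""
    def frame(src, dst, payload_len):
        eth = b"\x00" * 12 + b"\x08\x00"              # MACs zeroed, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 6, 0,
                         IPv4Address(src).packed, IPv4Address(dst).packed)
        data = eth + ip + b"\x00" * payload_len
        # Record header: ts_sec, ts_usec, captured length, original length
        return struct.pack("<IIII", 0, 0, len(data), len(data)) + data
    # Global header: magic, version 2.4, zone, sigfigs, snaplen, linktype 1 (Ethernet)
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return (header + frame("192.168.1.20", "203.0.113.5", 1400)
                   + frame("203.0.113.5", "192.168.1.20", 1400)
                   + frame("192.168.1.31", "192.168.1.1", 60))

def conversations(pcap):
    """Return [((addr_a, addr_b), total_bytes)] sorted largest first."""
    magic = pcap[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures are handled")
    totals, pos = Counter(), 24
    while pos + 16 <= len(pcap):
        incl_len, orig_len = struct.unpack(endian + "II", pcap[pos + 8:pos + 16])
        pkt = pcap[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":  # truncated, VLAN or non-IPv4
            continue
        a, b = sorted((IPv4Address(pkt[26:30]), IPv4Address(pkt[30:34])))
        totals[(str(a), str(b))] += orig_len            # both directions in one row
    return totals.most_common()

if __name__ == "__main__":
    for (a, b), size in conversations(build_sample_pcap()):
        print(f"{a:<15} <-> {b:<15} {size:>8} bytes")
```

To run it on your own capture, pass the file's bytes to conversations(); the pair at the top of the list is the first place to look when hunting a bandwidth hog.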
Wireshark is a flexible tool for locating network problems and analysing your traffic. It can be a handful at first, but is well worth learning to wield properly.
Another open-source option is NetworkActiv PIAFCTM. This content-management tool works on the same principle, mirroring the port where traffic enters the network from outside and identifying unacceptably large files. It allows you to search for offending files by type and then drill down to see who has been flouting the office acceptable-use policy.