Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

OSTU: How to Start a Broadcast Analysis - Part One (Tony Fortunato)

4,959 views

Published on

Tony Fortunato is a Senior Network Specialist with experience in design, implementation, and troubleshooting of LAN/WAN/Wireless networks, desktops and servers since 1989. His background in financial networks includes design and implementation of trading floor networks. Tony has taught at local high schools, Colleges/Universities, Networld/Interop and many onsite private classroom settings to thousands of analysts.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

OSTU: How to Start a Broadcast Analysis - Part One (Tony Fortunato)

  1. 1. Examining How to start a Broadcast Analysis Part 1 Tony Fortunato, Sr Network Specialist The Technology Firm
  2. 2. Why Bother <ul><li>Broadcasts can cause; </li></ul><ul><li>Network slowdowns </li></ul><ul><li>Rebooting or Frozen PC’s </li></ul><ul><li>Unreliable WIFI </li></ul><ul><li>Unpredictable application or window client performance </li></ul><ul><li>Extra ‘space junk’ that you need to sift through when troubleshooting </li></ul><ul><li>I have seen10% broadcast storm ‘lock up’ WInterms, while a 90% broadcast storm did nothing </li></ul><ul><li>In most cases, a broadcast or multicast packet will result in an interrupt on your PC </li></ul>
  3. 3. How <ul><li>People always ask me how could 10% packet rate cause an issue. </li></ul><ul><li>Then I explain that we generated 2 loads with a traffic generator; </li></ul><ul><ul><li>90 % broadcast rate </li></ul></ul><ul><ul><ul><li>No noticeable issue </li></ul></ul></ul><ul><ul><li>10 % broadcast rate </li></ul></ul><ul><ul><ul><li>PC’s locked up or hung </li></ul></ul></ul><ul><li>Here are the number of theoretical number of packets you can generate, depending on packet size and media speed </li></ul><ul><ul><li>90%, 1518 Byte packets on 100 MB link = 7,411 packets/second </li></ul></ul><ul><ul><li>10%, 64 Byte packets on 100 MB link = 19,531 packets/second </li></ul></ul><ul><li>In many cases you can REDUCE broadcasts, not eliminate them </li></ul>
  4. 4. Common Networks and Related Issues <ul><li>In some cases the math may reveal or explain some of your current issues </li></ul><ul><li>I still see many flat networks, everything on the same VLAN </li></ul><ul><li>There should be separate VLANS for minimally each technology </li></ul>
  5. 5. Sources of Broadcasters <ul><li>Anything default protocol settings will send out extra broadcast or multicast packets </li></ul><ul><li>Printers </li></ul><ul><li>PC’s </li></ul><ul><li>Routing Protocols </li></ul><ul><li>Mis-configured standard PC builds </li></ul><ul><li>Example of excessive protocols </li></ul><ul><li>IPX </li></ul><ul><li>LLC or NetBEUI </li></ul><ul><li>IPV6, if you are a V4 shop and vice versa </li></ul><ul><li>STP, if you are not using spanning tree </li></ul><ul><li>Teaming or load balancing protocols </li></ul><ul><li>UPNP </li></ul><ul><li>RIP </li></ul><ul><li>New Microsoft Peer to Peer protocols </li></ul>
  6. 6. Now what? <ul><li>How can I find out if I have this problem, or clean it up? </li></ul><ul><ul><li>Protocol Analyzer is the easiest tool to use. </li></ul></ul><ul><li>Start a capture from an idle PC and set a Stop Capture Trigger at 8 MB </li></ul><ul><ul><li>Leave the PC alone – Go for lunch you deserve it ;b </li></ul></ul><ul><li>Come back, and lets review the trace file </li></ul>
  7. 7. Step 1 – What’s out there? <ul><li>For most people, step 1 involves looking at the screen and yelling, “HOLY @#$$@%$” </li></ul><ul><li>We’ll try another approach; </li></ul><ul><ul><li>Go to Statistics -> Protocol Hierarchy </li></ul></ul><ul><li>The hard part of this exercise is to have an idea or guess-timate of what protocols you think should be on the network </li></ul><ul><li>It s discouraging when I hear the analyst grumble, ‘I don’t know what that is, but there are only a few of those packets, so lets skip them’ </li></ul><ul><li>I would hope now that you have the trace file, you can pick away at it whenever you have a moment </li></ul>
  8. 8. Step 2 – Pick a Protocol, Any Protocol <ul><li>this customer does not use IPX for anything, so this would be a good start. </li></ul><ul><li>In this case I know this customer does not use IPX for anything, so this would be a good start. </li></ul>
  9. 9. Step 3; Pick An Address, Any Address <ul><li>This is pretty easy now, the Fluke address is their Fluke Optiview , which leaves the Lexmark mac address. </li></ul><ul><li>Obviously this is a printer, but what is the IP address, so I can remotely fix it? </li></ul><ul><li>Simply filter on the Lexmark mac address, and click on the IPV4 tab. </li></ul>
  10. 10. Step 4; FIX IT!!! <ul><li>Make sure your “ limit to display filter” is checked off </li></ul><ul><li>The .255 ip address is just a broadcast address </li></ul><ul><li>Simply telnet or use a web browser to connect to the printer and clean it up </li></ul><ul><li>In some cases, you can forward the IP’s to another department, who can do this </li></ul>
  11. 11. Examining How to start a Broadcast Analysis Part 1 Thank You Tony Fortunato, Sr Network Specialist The Technology Firm
  12. 12. <ul><li>For additional educational videos on Open Source Network Tools, please click on the following … </li></ul><ul><li>http://www.lovemytool.com/blog/ostu.html </li></ul>LoveMyTool.com – Community for Network Tools

×