atcomsystems.ca/forum Forums VOIP Phones & IP PBX Networking Tools for general Network config troubleshooting and monitoring?

Hello.

I was wondering if anyone could recommend some general tools for network troubleshooting and monitoring.

The company network has always run very smoothly until recently when some configuration changes were made with a new piece of redundant sonicwall 3060 firewalls/VPN devices.

Now the network intermediately looses internet connection.

I am thinking so far that it would be one of two things.

1. Bandwidth usage is exceeding T1 capacity(however it seem unlikely since it worked before the sonicwalls).

2. Network configuration problem(more likely)
-This could be a broadcast storm in the network
- Misrouted packets to the VPN tunel instead of WAN
- Loop situation with the VPN
- General conflicting on the network setup.
I guess there is an infinite number of problems that could be causing it.


I was wondering if the event that its not the T1 usage but rather a network issue. Are there any good programs that are commonly used to troubleshoot a network?

Thanks for your help.

P.S. Thank you for the recommendation on the bandwidth monitoring tools.

It's a pretty broad question but your general all-purpose packet sniffer is the best place to start.

Something like Ethereal would be a good utility to start with. You will need an old-school hub somewhere in the pipe between your sonicwalls and the rest of your network to monitor traffic tho. Since we are just talking a T1 you can use any old 10-base hub laying around. Also might be a good idead to get a dedicated machine cause it is not always stable

Finding a network problem is always fun.

That is an excellent suggestion!

Using an old school hub which broadcast a mirror every packet to each port instead of placing an old and unstable computer between the Sonicwall and the network would be ideal!

By the way, I found one of the problems was actually with our local name server.

So basically it was not translating a website into an IP address and just freezing up on everyone.

So it would give you a timeout error when you type in a web address however if you typed the IP address directly, it worked fine.

Once the name server was setup on a new computer, everything started to work great again.

So there is 1 network problem solve but still a lot more to go such as the point-to-point sonicwall tunnel.

Everyone always seem to point to the T1 whenever there is a problem instead of looking at network configuration issues and monitoring bandwidth.

Thanks for your help!

SPAN is the answer! Don't create a single point of failure in your network with a hub, create a SPAN port on a non-routed VLAN. Did you get a chance to install MRTG or Cacti Walker? These are great tools for what you need, just setup a Linux box and you are good to go. Get a hand on your usage then you can address the other network issues.

If his switch supports port mirroring then that's another option.

IF his network is not working then the long term possibility of a hub being a weak point is pretty moot. The hub is a short-term diagnostic tool, not a solution in this scenario. It is just going to go between the T1 and the Sonicwall, or between the sonicwall and the rest of the network. This will let him analyze traffic on the WAN and LAN side of just the sonicwall, since he thinks this is where his problem lies.

I prefer the hub method because it allows me to tap the network without modifying any switch settings. I've seen switches not work until you log into the management console/interface and then they work great. To each his own.

You could also look into a syslog server for the sonicwall that will do event reporting. I believe sonicwall has their own software for this but i'm sure they charge an arm and a leg for it.

It's all about what you are familiar with.

On a side note, Cacti and MRTG are not network analyzers. They collect data from devices. This means that if your device (router/switch/etc) doesn't collect the right kind of data you are looking for, then these will do you no good in monitoring your network. They are also only statistical information or counters, meaning that you cant actually see what happened in the packet, but that there were 813 packet errors on the network device, and 81732498 unicast packets transmitted, etc.

So it depends at what level you are having network issues.

Kind of light duty, but handy and elegent is a monitoring software available free from 3com.
It is called Network Supervisor. It can do scans of a network, make maps, monitor servers, etc.
gr

Solarwinds or PRTG easier than all the others to configure