
Knowing Your Tools (by Tony Fortunato)


I was troubleshooting and had a continuous ping running against a router. I then connected a network analysis tool and suddenly my ping times went from <1ms to well over 100ms. You've got to love it when you have to stop troubleshooting the network issue to troubleshoot your tools ;).

I had the presence of mind to immediately unplug the tool and immediately noticed that the ping times returned to ‘normal’. I connected the tool and the times shot right back up. Hmm.  Now I’m intrigued.

[Images: Initial Pings | After Pings]

First thing was to ensure the tool’s settings were set for defaults or factory settings and they were. 

The next thing I did was capture my station’s traffic to ensure I wasn’t interacting or communicating with the tool in a way that would cause some latency because my computer was ‘busy’.

I could see the ping (ICMP) response times were initially less than 1 ms.

[Image 4]

At the end of the trace you can clearly see the ping responses are way over 1 ms.

[Image 5]

I then reviewed some packets I captured from the tool as this was happening.

[Image 6]

I looked up IP address 23.194.108.168, since I didn’t have the DNS lookup in my capture, and found out it was a23-194-108-168.deploy.static.akamaitechnologies.com, which looks a lot like Microsoft’s update servers.

I then looked at the tool’s screen and saw this:

[Image 7]

LOL, I guess this is more of a ‘FYI updates have been downloaded’, yikes… Since this location had very limited bandwidth, the updates must have chewed up all the bandwidth.

My last test was to start a continuous ping, then connect the tool and leave it for a bit while we got a coffee, etc. We noticed the response times shot back up almost immediately. When we returned, the ping times were back to the <1 ms and we could now get back to troubleshooting.
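
The ping comparison used in this test can be scored from a saved ping log instead of by eye. The Python below is an added example, not part of the original post: it parses ping output and reports runs of probes that were lost or slower than 100 ms. The address 192.0.2.1, the sample log, the 0.5 ms stand-in for `<1ms` and the three-probe minimum are assumptions.

```python
import re

# Matches Windows replies ("time<1ms", "time=143ms") and Linux ones ("time=0.345 ms").
REPLY = re.compile(r"time([<=])(\d+(?:\.\d+)?)\s*ms", re.IGNORECASE)

def parse_rtts(lines):
    """Return one RTT in ms per probe, or None for a lost probe."""
    rtts = []
    for line in lines:
        match = REPLY.search(line)
        if match:
            # "time<1ms" only says "below 1 ms"; 0.5 is a stand-in (assumption).
            rtts.append(0.5 if match.group(1) == "<" else float(match.group(2)))
        elif "timed out" in line.lower() or "unreachable" in line.lower():
            rtts.append(None)
    return rtts

def degraded_windows(rtts, threshold_ms=100.0, min_run=3):
    """Return (first, last) probe indexes of runs of at least min_run
    consecutive probes that were lost or slower than threshold_ms."""
    windows, start = [], None
    for i, rtt in enumerate(list(rtts) + [0.0]):  # sentinel closes a trailing run
        bad = rtt is None or rtt > threshold_ms
        if bad and start is None:
            start = i
        elif not bad and start is not None:
            if i - start >= min_run:
                windows.append((start, i - 1))
            start = None
    return windows

# Constructed sample log (not from the original capture).
SAMPLE = """\
Reply from 192.0.2.1: bytes=32 time<1ms TTL=255
Reply from 192.0.2.1: bytes=32 time<1ms TTL=255
Reply from 192.0.2.1: bytes=32 time=112ms TTL=255
Reply from 192.0.2.1: bytes=32 time=143ms TTL=255
Request timed out.
Reply from 192.0.2.1: bytes=32 time=131ms TTL=255
Reply from 192.0.2.1: bytes=32 time<1ms TTL=255
Reply from 192.0.2.1: bytes=32 time=120ms TTL=255
Reply from 192.0.2.1: bytes=32 time<1ms TTL=255
""".splitlines()

if __name__ == "__main__":
    for first, last in degraded_windows(parse_rtts(SAMPLE)):
        print(f"degraded from probe {first} to probe {last}")
```

Noting the probe index at which a tool was plugged in or unplugged lets you line that moment up against the reported windows; the single slow probe at index 7 is ignored as an isolated spike.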

The moral of the story is to be aware of your tool’s operating system. In this case it was Microsoft Windows 10, but it could have been Linux, etc. Most operating systems perform system updates, and if the device has been powered off for a while, you should expect the update to take a while. In some cases certain updates might require a reboot. If this becomes an issue, you should find out how to halt the update process. With some companies you might even discover that you can configure the device to use a local update server.
