8 posts categorized "Mike Canney" Feed

So Just How Bad is 0.9% Packet Loss in your Network? --Network Congestion and TCP's impact on Performance (by Mike Canney)

I often get trace files from customers with the comments, "there seems to be some TCP retransmissions" but they are not sure just how that really relates to performance issues they are having.  After all, some amount of retransmissions in an Ethernet Network is normal, right? 

There are certainly safeguards against packet loss in the protocols we use today but just what does it do to the end user experience when packet loss occurs?  Join me as we explore troubleshooting with Wireshark and NetData with an example I ran into recently where we needed to get to the bottom of their performance issue.

 

 

 

Continue reading "So Just How Bad is 0.9% Packet Loss in your Network? --Network Congestion and TCP's impact on Performance (by Mike Canney)" »


Creating a Useful Wireshark CIFS profile (by Mike Canney)

Combine the great SMB/CIFS decodes in Wireshark with the second to none customization capabilities, and you have the makings of a fantastic tool in your toolbox.  In this short video we talk about how to use Wireshark and the custom profile capabilities to quickly troubleshoot a CIFS file transfer issue.

 Let's take a look:

 

 

  

Continue reading "Creating a Useful Wireshark CIFS profile (by Mike Canney)" »


Give Me Packets!!! Case Study: Slow Oracle DB (by Mike Canney)

There are a number of tools on the market that claim to allow you to analyze Data Bases.  I have many customers that own these tools and sometimes they work great.  Especially if it's what I call a "Low Hanging Fruit" problem, such as a slow SQL call like a SELECT or INSERT etc.  

What happens when it's not so obvious?  This is where deep packet analysis is needed.  In the following case study we will look at a chronic problem that far too many of my customers experience and how to quickly resolve that issue.  This particular problem was lasting for months.  More memory was added, servers upgraded, content switches added/upgraded yet the problem still persisted.  

 Let's take a look:

 

  

Continue reading "Give Me Packets!!! Case Study: Slow Oracle DB (by Mike Canney)" »


The Dark Side of Packet Slicing (by Mike Canney)

SiegerninjaPF

 

Packet or frame slicing our captures can be a great way to hide information in trace files if done correctly.  However, you have to really understand the reason for the captures in the first place.  For example, often times application performance issues leave many clues at layer 4 (specifically TCP).  What happens when you 'hard" slice a trace file and now cannot follow the TCP sequence numbers because the incorrect frame size value is written in the pcap file?

Other times you may need to see the specific application call (SQL/Oracle) to actually fix the problem but you no longer have that data because you've sliced it away.  

Continue reading "The Dark Side of Packet Slicing (by Mike Canney)" »


Give me PACKETS!! Case Study: "The Slow Internet" (by Mike Canney)

Like many Network Engineers, I have also heard all to often that "The Network is Slow".  This is the mantra repeated across the World by end users, server admins and application developers.  

Luckily, we are armed with a tool set to not only exonerate the network (in most cases) but also pinpoint exactly where the problem occurred.  

Being a Packet Fetcher, the first thing I typically turn to in these situations is handy dandy PCAP(s).  In this first case study, we will see how to quickly solve this performance issue given the correct trace files from, more importantly, the correct areas of the network.   See the following diagram of the capture points as well as the video at the end of the post.

Internet_pic

 

 

 

Continue reading "Give me PACKETS!! Case Study: "The Slow Internet" (by Mike Canney)" »


Give me PACKETS!! (by Mike Canney)

Give me Packets!

I have been troubleshooting “network” problems for over two decades.  From mom and pop small businesses to Fortune 10.  Literally thousands of companies.  As far as tools go, I’ve used just about all of them.  From the Network General Sniffer, Novell LanAlyzer, Optimal’s Application Expert/Vantage, Compuware Ecoscope, Cinco NetXray to Wireshark and back.  

You would be hard pressed to find something that is somewhat mainstream that analyzes packets that I haven't used to find and solve network and application issues. Flower issueI’ve have also used the majority of the popular APM/NPM tools on the market for monitoring Network and Application Performance (I won’t list them).  The one thing in common is that they’ve all been useful in their own right.  Understanding at a high level of what traffic is on the network and an inclining of ‘potential’ application performance issues. 

 

Continue reading "Give me PACKETS!! (by Mike Canney)" »