65 posts categorized "Paul Offord" Feed

LMTV LIVE | Performance Article and TribeLab - Tony Fortunato and Paul Offord

In this episode, Tony Fortunato and Paul Offord are hijacking LMTV.  

Tony is covering Cisco router speed testing and the merits of performance testing.  Tony will briefly cover why you need to pay attention with the protocol you use and why you should avoid the disk - initially.

Paul is previewing two new updates to TribeLab Workbench; the first allowing you to explore more data types with tools like Excel and Wireshark, and the second extending the range of tools in the toolbox.  

Paul will demonstrate how Excel can open not just a Wireshark trace file, but also an ETL file captured using netsh trace.  We'll also see how we can add TraceWrangler to the toolbox to give us drag-and-drop anonymization of trace files.

 

 


Network Troubleshooting Tip - Understand the System (by Paul Offord)

When we get to the point in an investigation where we are about to break out Wireshark, the complexity of the packet analysis can seem quite daunting. And yet by covering a few key points can dramatically cut the time needed to analyze any diagnostic data.

In my previous post I covered the selection of a single symptom for investigation. In this blog we'll discover the need to understand more than just the network connectivity.

I remember visiting a third party data center and chatting to a network engineer who had been leading the investigation into a Citrix performance problem. He had spent months looking at this issue and I was shocked to discover how little he understood about the system he was analyzing. I asked him to draw a rough diagram showing the main components of the system and how they talked to each other. He couldn't and didn't see the need. As far as he was concerned, packets went into one switch port and they came out of another. "I don't need to know what connected to those ports", he informed me.

This may be an extreme example, but I have attended many meetings with teams that have been investigating a performance problem and nobody is able to draw the system on a whiteboard.

Ipt_diag

Modern systems are very complex, and so we need to sketch out the system with enough detail to provide everyone with an understanding of how it works, but not so much that it's overwhelming.  Advance7 has found ...

Continue reading "Network Troubleshooting Tip - Understand the System (by Paul Offord)" »


Network Troubleshooting Tip - Focus on a Single Symptom (by Paul Offord)

When we get to the point in an investigation where we are about to break out Wireshark, the complexity of the packet analysis can seem quite daunting. And yet by covering a few key points can dramatically cut the time needed to analyze any diagnostic data.

In my previous post I covered the need to thoroughly understand a symptom. In this blog we'll look at the dangers looking for a common cause for multiple symptoms.

Imagine you are faced with a situation where users are complaining about three issues:

  • Word documents should open in less than 5 seconds, but intermittently take more than 30 seconds.
  • Excel workbooks should save in less than 15 seconds, but intermittently take more than 60 seconds.
  • Opening an Outlook Inbox should take less than 20 seconds, but sometimes takes more than 3 minutes.

All problems are reported as having started at the same time, and there’s a widespread belief that they are being caused by a network issue. This is the point where alarm bells should start to ring.

  Symptoms1

 

Maybe some of the symptoms are down to the same root cause, but maybe they are not, and starting by assuming they are is likely to lead to a very frustrating time. The choice of a single symptom and ...

Continue reading "Network Troubleshooting Tip - Focus on a Single Symptom (by Paul Offord)" »


Capture packets with a standard Windows tool (by Paul Offord)

Wireshark is a great way to capture network packets, but it's not always practical to use it.  In an enterprise environment, at the very least, we need to get a change approved to install the software.  Often it is just not possible to get approval to install Wireshark onto a desktop or server.  So packet capture isn't possible - or is it?

Windows includes a rarely-used command line tool that has many of the capabilities of Wireshark dumpcap.  It's there ready and waiting, on every Windows machine!  Let's take a look at how we can use it.

Netsh_trace_ss

Windows 2000 introduced a command line utility called netsh (network shell).  As the name suggests, netsh is a shell environment that provides commands that address network issues.  One of the commands it provides is netsh trace, a simple command line packet capture tool.

 In the following video ..

Continue reading "Capture packets with a standard Windows tool (by Paul Offord)" »


LMTV TribeLab | TRANSUM Revisited (by Paul Offord)



YouTube Live Stream: Wednesday, August 24, 2016 - 9:30 AM PST


LMTV TribeLabPaul offordTRANSUM is a Wireshark plugin that generates detailed response time information to allow network engineers to troubleshoot performance problems with their favorite packet analyzer. TRANSUM is being developed as part of Advance7’s TribeLab project and is its most popular download.

In this week’s show, Advance7’s Paul Offord brings us up to date with the capabilities of TRANSUM and gives us a glimpse of things to come.


Please click here for more episodes of LMTV TribeLab >>