The Packet TraceThe Packet Trace

Managed switches, UPSs and a little TLC continue to help to improve our bottom line.

When I was first introduced to Ethereal, it was to do the legwork--run the application, a packet sniffer (protocol analyzer), and then upload the data for the engineers to review. Pretty simple, but it still meant rolling the truck so the factory guys could figure out what was wrong--at our expense. Since those days we've been running the same application now renamed Wire Shark.One of our accounting firms called a few weeks ago and said, "The IT guy needs you here to test all those cables you installed." The cable installation dates back about nine years, except for a few new drops we pulled on the first floor just over a year ago. We complied and found no cabling issues. I asked the customer and IT contractor more about their concerns. "Since we got our new server, our speed has been slow." I offered to do a packet trace and to keep my Tough Book laptop on site overnight. Returning to the site 30+ hours later revealed what was wrong.

We found what seemed to be a lot of errors coming from one of the switches connected to the first floor. The switch was an unmanaged Dell 10/100 Mbps switch and it was latent when we tested each port simply by pinging between ports and then floors. The customer commented that since the move (Server to first floor from the third floor), users on the first floor now experienced very slow response times in the applications and on the Internet (web browsing). We put in a switch we had on hand to test, and the latency disappeared. The switch on the first floor was powered without any AC protection and my guess is it probably got hammered one too many times by power transients. We also ran PingT (a tool to ping IP ranges) to quickly see what was live.

There was a lot of broadcast traffic originating from an IP address that pointed to the receptionist's area. Upon inspecting her work area, we found a hub with two PCs and a network printer. This problem easily resolved--by adding a few cables.

Next was the Inter-network Packet Exchange (IPX) traffic, accounting for over 20% of traffic. We also found small amounts of NETBIOS and NOVELL that were also linked to printers. The IT guy recognized the IP addresses as printers and disabled IPX on the printers. While discovering what was running on the customer network, we also discovered that we could access every network printer without a password. Network printers seem to open up issues of security (lack of) and inefficiency (too many or the wrong kind of protocols).

A few days later we replaced the two existing Dell switches with managed ADTRAN 1524ST GIG switches. Next, we reviewed statistics on each switch port and found nearly half the devices in the network were not running at 100 Mbps full duplex or 1 Gbps full duplex because PCs had been set to 100 Mbps half duplex. Most of the PCs are running at 1 GIG including the servers and the NAS drive. A few older PCs remain operating at 100 Mbps, full duplex and no one is complaining about latency. Maybe putting the GIG switches in could have resolved most of the complaints and still masked the other issues. That's the difference in installations. Going a little further by running a packet trace on the network is more than a good idea before implementing new gear--and afterwards.

Of course it ended up being a positive sale for us, with the customer getting relief and the ADTRAN switches quickly revealing specific issues on each port. I relate this experience to the days when we had to push down UPS (battery back up) solutions to the customers because in those earlier days, customers struggled over spending money on batteries. Now batteries (UPSs) are almost standard fare. Getting the customer to buy in to managed switches will be an exercise of time and faith, and in time, customers do exercise more faith once they begin to see the benefits affirming their purchases.

Managed switches are invaluable to help pinpoint issues, and using a few free tools like Wire Shark and PingT in revealing whether the network is efficient or not goes a long way in proving your case. The other failing quality of many LAN installs is the lack of adequately protecting what is the customer infrastructure from power disruptions and transients. Placing a UPS on the server doesn't protect the network--it does help protect just the server.

The good news is, unlike the days of old, when we do packet traces today, we get paid: once to figure out what's going on in the network and then again to put in what was overlooked. Managed switches, UPSs and a little TLC continue to help to improve our bottom line. So for the VARs and Interconnects, if you are missing this point you are missing key revenue opportunities. For the customer--anyone can have a network but it won't run well without an occasional oil change.Managed switches, UPSs and a little TLC continue to help to improve our bottom line.