Let’s face it, we’ve all at some point or another have faced slowness with our office networks. We have tried several methods to “resolve” the slowness including rebooting the devices such as ISP routers, firewalls, switches and servers. We have also tried other methods like replacing the hardware such as servers and switches in hopes of speeding up the network. Other methods you may have tried to speed up the network might have involved increasing the bandwidth of the company Internet connection only to find out that network slowness still persists.
Key to Troubleshooting: Network Visibility
This brings us up to a very important point which is that network visibility is everything when it comes to troubleshooting slow networks. We can utilize a few different methods to have better visibility of our networks including:
Out of the three visibility methods listed, packet data is the most comprehensive way to analyze any type of “slowness” within the network. Wireshark is a GUI based packet sniffer tool that can help us pick out “needle in haystack” and in doing so, help us analyze packet data in a comprehensive manner. For instance, we can use packet data analysis in trace files to look for the following:
Anytime we see re-transmission or Dup ACK (duplicate acknowledgment) of packets, this means that data went missing or we had a packet loss. The beauty of using TCP is that it is connection oriented and is designed to determine when packets were lost and then to re-transmit when there is a problem. In a nutshell, we have to remember that packet loss kills applications and just destroys network performance. So we have to make sure to investigate packet loss right down to the root cause and resolve the issue. A packet sniffer tool such as Wireshark can help us achieve this.
DNS Response Time Matters:
We can also use trace files to analyze slow HTTP and DNS response time to further troubleshoot network slowness. DNS (Domain Name System) is an important service that applications rely on to work well. The important point to remember here is that If DNS is slow then the network would be slow and if DNS is down then the network would also be down.
Network Latency:
In a nutshell, the time it takes for data or a request for that matter to go from the source to the destination is known as network latency. Network latency is measured in milliseconds. Although, there are several reasons that cause network latency, the two common ones have to do with:
Analysis at the packet data level could help us identify cause of “slowness” on our networks. Protocols such as TCP, DNS, HTTP and ARP can help us pinpoint in the right direction and not only save us valuable time but money as well!