CAMC1 wrote:
> What I need is a good device or software that will detect such abnormal
> behaviour on my LAN, and flag me for it.
> So that I can go to that device and look at it.
>
> I know I can put packet sniffer, but sniffing packets and trying to
> interpret what they mean is another game.
> MC
>
> "James Beukelman" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>> CAMC1 wrote:
>>> Can anyone suggest a solution to problem below?
>>>
>>> - From time to time, browsing internet from our LAN is really slow, and
>>> opening any pages time out from any websites
>>> - Browsing internet from outside firewall seem ok
>>> - 2 windows Active Directory 2000 DC with DNS, DHCP and WINS enabled
>>> completely patched.
>>> - In our internal network, some windows 98, and NT4 workstations that
> can't
>>> be patched and old Anti-Virus may not be working correctly
>>> but they have to be on the LAN, and upgrade costs would be huge.
>>> I know, one of these PC could be acting like zombie inside which may be
>>> slowing down web browsing.
>>> When we re-boot 2 DC fresh, browsing problem goes away, a few days.
>>>
>>> Do you think, having another DNS sever would solve our problem?
>>> How would I know if DNS server bogged down when there is no apparant
>>> indication?
>>>
>>> Thanks
>>> MC
>>>
>>>
>> Chances are that it is not related to DNS. I would guess you may have a
>> virus that is trying to phone home. Or it could possibly be a broadcast
>> storm on your network.
>>
>> In either of these scenarios, one host on your network could be sending
>> large amounts of data, flooding your LAN.
>>
>> If this is the case, it's easy to determine which host it is.. though it
>> will take some time, so clear your afternoon schedule!
>>
>> Easiest way is to take your laptop (hopefully you have one) and plug it
>> into your network switch. Do this when the Internet is running slowly.
>> Then, one by one, unplug each device from the switch and try to surf
>> the internet again from your laptop. If it's still slow, plug it back
>> in and move on the the next one. If the Internet moves faster, you now
>> know where the problem lies.
>>
>> Good Luck
>
>
DNS is one of those things that either works or it doesn't. It won't
work fine and then gently degrade over time.
Yes, you could use a sniffer, but those mainly show you WHAT type of
traffic your network carries, but it won't really measure, per port, the
amount of bandwidth.
I'm hoping that with all those switches, that they are manageable? Do
you have Cisco's or HP's or something else like that? There might be
some statistics you could gather from the switches. They usually have
per port packet accounting.
|
Similar Threads
Linear Mode
