When someone says ‘the network’, it’s a bit like saying ‘the cloud’ because you have used a single word to conjure up a simple picture in your mind and, because of that, you think it’s something that is simple and straightforward to monitor and manage. Job done, you can go and get a coffee. But, of course, it really isn’t like that. You know your network is a complex web of trunking and cables and devices. It has different types of messages being sent along it, and it can be subject to attack at almost any point.
The other problem with networks is that they grow and change. What starts out as something fairly straightforward that can be drawn on a white board or shown on a PowerPoint slide, soon seems to take on a life of its own as devices become connected to it and new connections are made. Pretty soon, no-one really knows what the actual network comprises. And in many ways that doesn’t really matter as long as it works. But what do you do when you have a problem? What’s the first thing you need to do to solve the problem?
SDS markets IP Problem Finder, which is a suite of four products that run as HTTP services on Windows platforms. The products are: TCP Problem Finder, SSL Problem Finder, IPv6 Problem Finder, and DNS Problem Finder.
Rather than trying to analyze a trace, you can use TCP Problem Finder to identify what devices are active on your network, the IP address of your router, and whether you’re on a VLAN (Virtual Local Area Network). It can recognize types of device, e.g. a desktop or a printer etc. The software can not only resolve IP addresses, it can tell you where they are (even, possibly, abroad). Not only can TCP Problem Finder identify congestion or network traffic errors on subnets, it can identify TCP configuration errors, misconfigured network devices, routes and applications with packet fragmentation, and excessive idle or hanging connections, and other errors – and all by domain name and location.
SSL (Secure Sockets Layer) Problem Finder lets you to decode the traces for SSL or AT-TLS traffic. You can use the product to diagnose SSL handshake problems, assess SSL performance implications, view the certificates and certificate authorities used, view expired or bad certificates, and view encryption algorithm used.
With all the talk of IPv4 addresses running out, many sites are starting to use IPv6. With IPv6 Problem Finder you can decode the traces for IPv6 traffic. Firstly, the software detects IPv4 and IPv6 protocols in the trace. It then identifies what type of IPv6 address is being used. It then performs a detailed analysis of throughput (bytes in flight), duplicate segments, duplicate acks, hangs, resets, segmentation offload, etc. The software can be used to perform root cause analysis, analyze DNSv6, explain multicast, link-local, ULA address types, decode ICMPv6, match tunnelled packets, and compare IPv4 / IPv6 capacity and throughput.
DNS (Domain Name System) controls your organizations domain name’s Web site and e-mail settings and is critical to the functioning of a network. Slowdowns in DNS can cause unforeseen slowdowns in application traffic. DNS Problem Finder lets you to see errors and response times for unicast and multicast DNS. Analysis of both IPv4 and IPv6 DNS queries is supported. Using the product, you can identify response time problems, DNS configuration errors, misconfigured network devices, errors in name resolution, and multicast and unicast queries for the same domain.
As I said, networks can get very complicated, knowing what devices you have can be troublesome, and understanding packet trace data can be time-consuming. Trying to get to the bottom of a network problem using simple network commands (like hostname, ipconfig, ping, netstat, nslookup, route, traceroute, or whois, for example) can take too long on a slowing business-critical system. Using SDS’s IP Problem Finder let’s you diagnose network problems quickly and easily.