Table of Contents
An excellent Cisco network engineer should be able to solve problems in the fastest and most efficient way in case of network failure. A good troubleshooting tool will bring better efficiency. Today, I will recommend some network troubleshooting tools commonly used by Cisco network engineers.
Network packet capture
The network packet capture has many uses, one of which is troubleshooting. The most common use is to determine whether the network behavior is normal by the number of packets captured. For example, a large number of ARP data packets will be received in the event of an ARP virus outbreak; The attack behavior is often reflected in a large number of data packets (generally, it is not the first step to determine the attack behavior, but it is necessary to capture the packets when determining the attack characteristics).
Simple Network Management Protocol (SNMP)
In the enterprise environment, SNMP tools, such as SolarWinds network performance monitor, HPE network node manager i(NNMI) or CA Spectrum, can monitor the health of network devices and specific interfaces. These tools can also set alerts to notify Cisco network engineers when a specific interface or device is down, which helps administrators quickly clear the root cause of network outages.
Protocol analyzer
Protocol judgment: when communicating with win2008 and Win2003, the windows are too small due to incompatibility of windows scale. When the program design is appropriate, the communication changes are extremely slow. These judgments are based on packet capture protocol analysis.
The protocol analyzer one of network troubleshooting tools, is very useful for investigating the data flow to the packet level. Through this tool, you can view the specific interaction between the client and the server. It is a software that intercepts and records data packets. For example, if the connection between a specific PC and the application residing on the server is slow, you can use the protocol analyzer to identify any communication and delay problems or other problems that may be the root cause.
NetFlow analysis
NetFlow is a data exchange mode. Its working principle is that NetFlow uses the standard exchange mode to process the first IP packet data of the data stream and generate a NetFlow cache. Moreover, NetFlow cache also contains the statistical information of the subsequent data stream.
From the perspective of network troubleshooting, NetFlow analysis can quickly track phenomena such as changes of top-level applications, top-level hosts, and network flow behavior to find problems such as bandwidth pig.
Centralized log system
Decrypting network device logs is a very useful troubleshooting technique. The software we need to use is syslog-ng and php-syslog-ng. The machine installed with syslog-ng and php-syslog-ng (of course, it also needs the support of Apache, PHP and MySQL) serves as the server of the system. All other servers or network devices serve as clients and send syslog information to the syslog-ng-server through UDP protocol. The syslog-ng server records these logs as log files or inserts them into the MySQL database. Further, This operation is simplified by collecting and storing the logs of all network devices into the central repository.
In addition, professional Wi-Fi analyzers, such as Netscout AirMagnet or Ekahau spectrum analyzer. It can well solve the needs of enterprises to maintain high reliability and ubiquitous Wi-Fi.