Computer Performance, Windows 2003, Exchange 2003, Logon Scripts

3CX Phone System for Windows - VOIP IP PBX

3CX Phone System for Windows -
VOIP IP PBX

Get your 5 free applications now

Application Publishing with 2X ApplicationServer

Windows Server 2003 Performance Monitor - Network

Guy RecommendsGFi Events Manager

A solution to monitor, manage and archive thousands of events that are generated by devices across the entire network. 
Download FREE trial

Guy's Top 10 Free Tools

1) FreePing
2) Network Monitor
3) Xobni
4) PuTTY (UNIX)
5) IP SLA Monitor
6) BgInfo
7) Net-SNMP
8) CatTools 
9) Exchange Monitor
10) WinDiff

Introduction to Network Bottlenecks

Running programs over the network is likely to result in network bottlenecks.  Other causes of high network activity are, roaming profiles, file copying or large print jobs.  Use performance monitor to create a log and calculate the network utilization.

Network Topics

 ♦

Key Network Counters

Begin by selecting these counters:
Network Interface\ Bytes Total/sec
Network Interface\ Bytes Sent/sec
Network Interface\ Bytes Received/sec
Network Interface\ Current Bandwidth

Detecting a Network Bottleneck

Before you launch in detecting network bottlenecks, it's worth checking, and eliminating, hardware problems with the NIC, or a broken cable.  If you are not sure have a look at the device manager or even the system logs.  Any doubts, try changing the network card and the cable, especially if this is an intermittent problem.  Counters that may confirm a hardware problem are: Packets Outbound Errors and Packets Received Errors counters

This network example assumes that your hardware is working properly. There are several cautionary tales with the performance monitor chart below.  Let me see if I can convince you that the maths prove a network bottleneck.

The Bytes / Sec average 913,999.  Beware, System Monitor never uses thousand separators which make the figures awkward to read.  I have often revisited the data because I was out by a factor of ten.  For example, at a glance you could mis-read 913999 as approximately 91,399 or even 9,1399,999.

Performance Monitor - Network Utilization

Diagram 1

You may think that just comparing the red line (Current Bandwidth) with the white line (Bytes /Sec) proves that the network is at full capacity.  On closer inspection of the Scale, you realize that the red line is 10x bigger than the white line.  Now you may revise you estimate and believe that the network is only running at 10% of capacity.  However, there is one more factor, the red line is in bits while the white line is in bytes. 1 bytes = 8 bits.  When you compute all these factors, the network is actually running at 73%.

Summary of Diagram 1

  • White Line Bytes /Sec = 913,999 bytes x 8
  • White Line Bytes /Sec = 7,311,992 bits. 
  • Red Line Current bandwidth = 10,000,000 bits
  • Network Utilization = 73.12%

Background to Networks

One of the amazing features of the original ethernet network is that only one machine can transmit at a time.  Once the network reaches 30% capacity, pure chance means that two machines try and send a packet at the same instant.  The result is more and more collisions start happening, this leads to re-transmissions and a slow down of network traffic.

Networks bottlenecks occur at surprisingly low levels of utilization.  40% would normally be considered a bottleneck, and the only reason that I got a higher value was that there are only three machines on my test network.  The more machines the greater the risk of collisions from two machines wanting to transmit at once.

However, with modern production networks two items of technology have alleviated the above bottleneck problem:
a) Switched networks replacing hubs
b) Faster network cards replacing the old 10MB cards.

Guy Recommends: SolarWinds LANSurveyorSolarwinds LANSurveyor

LANSurveyor will produce a neat diagram of your network topology.  But that's just the start; LANSurveyor can create an inventory of the hardware and software of your machines and network devices.  Other neat features include dynamic update for when you add new devices to your network.  I also love the ability to export the diagrams to Microsoft Visio.

Finally, Guy bets that if you take a free trial of LANSurveyor then you will find a device on your network that you had forgotten about, or someone else installed without you realizing!

Download a Free Trial of LANSurveyor

Problem with Network Segment \% Network Utilization

The problem is that it seems to have been discontinued in Windows 2000 onwards.  Several respected sites claim you can install Network Segment via the Network Monitor, or Protocol Driver.  For what its worth I have tried numerous techniques of getting the counter to appear in performance monitor without success - I agree with Microsoft Network Segment is no longer available.

Microsoft's TechNet article 253790 Says:

SUMMARY
In Windows 2000, installing Network Monitor does not add the Network Segment object in System Monitor as in Microsoft Windows NT.
MORE INFORMATION
To increase the stability and reliability of the Windows Management Instrumentation (WMI) interface, this object has been removed from System Monitor in the Performance tool in Windows 2000. 

Overview of Microsoft Network Monitor 3.2Microsoft Network Monitor v 3.2

Microsoft Network Monitor v3.2 is a tool which captures TCP/IP frames and displays their source and destination addresses along with detailed information stored in the datagram header.  Network Monitor 3.2 works on all modern Windows operating systems, such as Server 2008, Vista, Windows Server 2003 and XP.

Example of Tasks for Microsoft Network Monitor

Whilst it is easy enough to understanding the twin principles of capturing network traffic and displaying information, getting this tool to work can be frustrating for a beginner.  It reminds me of learning to windsurf, at first it seems impossible that I could stand up on that board, never mind manoeuvre the sails.

Most of the problems learning to use Network Monitor stem from being swamped by the sheer volume of data that this utility collects.  The best way to start your voyage is to focus on the filters.  What really helps is if you have a clear purpose for each journey with Netmon, that way you don't get side-tracked by irrelevant menus.  Moreover, each successive journey will be easier because you can navigate by familiar landmarks.

Troubleshooting connectivity problems. 
Let us imagine that DNS is not working.  If you capture the appropriate frames with the Network Monitor, you may discover from the destination address that your machine is trying to connect to a non-existent DNS server.

Calculating server response times. 
Each packet has date / time information, thus you can measure response times for conversations between your computer and various servers.  If necessary you could instigate a conversation with ping.

TCP re-transmissions. 
A significant number of re-transmissions could indicate an intermittent connection problem.

Identify broadcast traffic.
Broadcast traffic is an old enemy of network managers.  You could use seeking broadcast or multicast traffic as an opportunity learn more about Network Monitor, while you check for a well-known network problem.

Additional Counters to investigate

UDP\ Segments Received/sec
UDP\ Segments Sent/sec
TCP\ Frames Sent/sec
TCP\ Frames Received/sec

Server\ Bytes Total/sec
Server\ Bytes Received/sec
Server\ Bytes Sent/sec

Also Check
Output Queue Length
Packets Outbound Discarded
Packets Outbound Errors
Packets Received Discarded
Packets Received Errors

Solutions to Network Problems

  • Check that the NIC and cable are good.
  • Add another network card.
  • Segmentation - change your subnet mask, add routers.
  • Switches - install a packet switch.
  • Reduce Protocols - (Any old NWLink?)
  • If you must have more than one protocol, check the bindings order in the network icon.

Guy Recommends:  The Orion Network Performance Monitor (NPM) 9.5Review of Orion NPM

Orion's performance monitor is designed for detecting network outages.  This NPM will guide you through troubleshooting by indicating whether the root cause is a broken link, faulty equipment or resource overload.  Because it produces network-centric views, it is intuitive to navigate, and as result you can see easily what's working and what's not.

Perhaps Orion's best feature is the way it suggests solutions.  Moreover, if problems arise out of the blue, then you can configure Orion NPM 9.5 to notify members of your team what's changed and how to fix it.

If you are interested in testing a professional performance monitor on your network, then I recommend that you take advantage of Solarwinds' offer of a download a free trial of Orion's Network Performance Monitor.

More Help for Detecting Computer Bottlenecks


Download your eBook: The Art and Science of Performance Monitoring  for only $5.25

Performance MonitorLearn the secrets of which counters to monitor.  Master performance monitor logging, develop your skills with structured exercises and examples.   Print out a copy to read, while you design logs and alerts to detect network bottlenecks.

 *

Google

WebThis Site

Guy Recommends the Free IP SLA MonitorFree IP SLA Monitor

The IP SLA Monitor not only helps to discover network bottlenecks, but also teaches you about router traffic.  See how effortlessly this free monitor analyzes and then displays the IP statistics.

The key to configuring is to select the data most relevant to your network, for example, ping echo, DNS resolution times, or HTTP statistics. 

Download your free copy of IP SLA Monitor

 

Home Copyright © 1999-2009 Computer Performance LTD All rights reserved

Please report a broken link, or an error.