Computer Performance, Windows 2003, Exchange 2003, Logon Scripts

3CX Phone System for Windows - VOIP IP PBX

3CX Phone System for Windows -
VOIP IP PBX

Get your 5 free applications now

Application Publishing with 2X ApplicationServer

Windows Server 2003 Performance Monitor - Network

Guy RecommendsGFi Events Manager

A solution to monitor, manage and archive thousands of events that are generated by devices across the entire network. 
Download FREE trial

OpusFlow Exchange
Group Calendar

OpusFlow Exchange Group Calender

Introduction to Network Bottlenecks

Running programs over the network is likely to result in network bottlenecks.  Other causes of high network activity are, roaming profiles, file copying or large print jobs.  Use performance monitor to create a log and calculate the network utilization.

Network Topics

Key Network Counters

Network Interface\ Bytes Total/sec
Network Interface\ Bytes Sent/sec
Network Interface\ Bytes Received/sec
Network Interface\ Current Bandwidth

Detecting a network bottleneck

There are several cautionary tales with this performance monitor chart.  Let me see if I can convince you that the maths prove a network bottleneck.

The Bytes / Sec average 913,999.  Beware, System Monitor never uses thousand separators which make the figures awkward to read.  I have often revisited the data because I was out by a factor of ten.  For example, at a glance you could mis-read 913999 as approximately 91,399 or even 9,1399,999.

Performance Monitor - Network Utilization

Diagram 1

You may think that just comparing the red line (Current Bandwidth) with the white line (Bytes /Sec) proves that the network is at full capacity.  On closer inspection of the Scale, you realize that the red line is 10x bigger than the white line.  Now you may revise you estimate and believe that the network is only running at 10% of capacity.  However, there is one more factor, the red line is in bits while the white line is in bytes. 1 bytes = 8 bits.  When you compute all these factors, the network is actually running at 73%.

Summary

White Line Bytes /Sec = 913,999 bytes x 8

White Line Bytes /Sec = 7,311,992 bits. 

Red Line Current bandwidth = 10,000,000 bits

Network Utilization = 73.12%

One of the amazing features of the original ethernet network is that only one machine can transmit at a time.  Once the network reaches 30% capacity, pure chance means that two machines try and send a packet at the same instant.  The result is more and more collisions start happening, this leads to re-transmissions and a slow down of network traffic.

Networks bottlenecks occur at surprisingly low levels of utilization.  40% would normally be considered a bottleneck, and the only reason that I got a higher value was that there are only three machines on my test network.  The more machines the greater the risk of collisions from two machines wanting to transmit at once.

However, with modern production networks two items of technology have alleviated the above bottleneck problem:
a) Switched networks replacing hubs
b) 100MB network cards replacing the old 10MB cards.

Problem with Network Segment \% Network Utilization

The problem is that it seems to have been discontinued in Windows 2000 onwards.  Several respected sites claim you can install Network Segment via the Network Monitor, or Protocol Driver.  For what its worth I have tried numerous techniques of getting the counter to appear in performance monitor without success - I agree with Microsoft Network Segment is no longer available.

Microsoft's TechNet article 253790 Says:

SUMMARY
In Windows 2000, installing Network Monitor does not add the Network Segment object in System Monitor as in Microsoft Windows NT.
MORE INFORMATION
To increase the stability and reliability of the Windows Management Instrumentation (WMI) interface, this object has been removed from System Monitor in the Performance tool in Windows 2000. 

Network Monitor Network monitor Utilization

Microsoft have supplied Network Monitor from NT 4.0 onwards.  I mainly use the Network monitor to troubleshoot connectivity problems, however you can use it to check network utilization.  The diagram to the right shows a peak of about 85% and an instantaneous value of 81 or 82.  This is merely a snapshot and unfortunately the Network monitor does not keep permanent records of network utilization.

Additional Counters to investigate

UDP\ Segments Received/sec
UDP\ Segments Sent/sec
TCP\ Frames Sent/sec
TCP\ Frames Received/sec
 

Server\ Bytes Total/sec
Server\ Bytes Received/sec
Server\ Bytes Sent/sec

Solutions to Network Problems

  • Add another network card
  • Segmentation - change your subnet mask, add routers
  • Switches - install a packet switch
  • Reduce Protocols - remove NWLink if you have no more Novell 3/4 servers
  • If you must have more than one protocol, check the bindings order in the network icon

 

 


 Download your eBook: The Art and Science of Performance Monitoring  for only $5.25

Performance MonitorLearn the secrets of which counters to monitor.  Master performance monitor logging, develop your skills with structured exercises and examples.   Print out a copy to read, while you design logs and alerts to detect network bottlenecks.

 

 More pages for detecting bottlenecks

 

 *

Google

WebComputerperformance.co.uk

GFi Events Manager

Guy Recommends: GFi EventsManager

Here is a solution to monitor, manage and archive thousands of events that are generated by devices across your entire network.  Get your free evaluation copy of GFI EventsManager.

 

Home Copyright © 1999-2008 Computer Performance LTD All rights reserved

Please report a broken link, or an error.