Page 1 of 2 12 LastLast
Results 1 to 20 of 34

Thread: Need tips on optimizing a small network.....

  1. #1
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219

    Cool Need tips on optimizing a small network.....

    Lets say you get a call from a prospective client that says his IT guy has brought their network to it's knees.

    What's the first thing you would check, tweak, or reconfigure to get the network up and running?

    Last Friday we got a call like that. We went out to the client's business to have a quick look at what they had. They have about six servers, some NT, some Win2K. About 80 client machines most on-site but some coming in through modems via VPN. There is about ten switches, and hubs and one fiber node. The part that is really bad, is that through the fiber node he is only getting about 7k throughput, we checked this with Anasil 2.2.

    The guy that is running it now is not happy at all that we are there, and is giving us very little info on the network. We only had about two hours Friday to assess the network and we're going back in the morning (Monday)

    From what we could get from the guy is all the PC's to have current anti-virus software and he said he's checked everything "so he doesn't know why we are there".

    Anybody have any tips on getting this network back up to full speed?

    We're still not sure which apps they are running yet, we going to get all that straight Monday. The company supplies food products, and takes/ships/tracks orders through some type of database program.

    Sorry about the lack of info, will have more Monday.

    Thanks :2cool:
    Sliding down the banister of life ..........................

  2. #2
    Imperial Impotentate brembo's Avatar
    Join Date
    Mar 2001
    Location
    crawlspaces
    Posts
    18,725
    Build a script that checks the network settings off the comps, put it on a floppy, make like three copies, and check three machines at a time. I know NOTHING of scripts, maybe Norm could whip one up to display the bindings/protocols, and ip info....
    Tao_Jones Cult Member since 2004
    I gave Miss Manners a Dirty Sanchez, and she LIKED it.

  3. #3
    Uninsured for your health
    Join Date
    Jan 2001
    Location
    Stockton, CA
    Posts
    10,032
    I would check for bad lines. is the speed good from server to client?

    Meaning that files can be accessed from the servers with no problems in regard to speed. Also check router configs, SWitches also are a place to look. I beleave on Cisco switches, there's a setting for bandwidth in regard to VLANS, I remember seeing something like that...haven't touched a switch since December...
    Quote Originally Posted by Three Rivers Designs
    America! Love it or give it back!

  4. #4
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,942
    Check the lines physically (condition wise), how are the switches cascaded to each other (and are they good switches?), the fiber line....and transievers...what physically is wrong with them (fiber almost broken?)

    What is managing TCP/IP?

    A couple of years ago two of us were hired to help out this manufacturing plant...their IT staff was small and overwhelmed....but they feared being ousted...and made life impossible for us to help. It's a sucky situation. It's really hard trying to take over and diagnose somebody elses network, especially when they don't want you to.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  5. #5
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219
    Well we managed to piss off the IT guy big time. So far we've found a bad hub and switch and a bunch of PC's configured improperly.

    We got the throughput on one node up from 24kbs to over 3meg. It made a drastic change logging on and moving data around on the network.

    The IT guy's boss started asking us lots of questions about what we did to get the network running so much better and why his IT guy couldn't figure out what was wrong. It was a touchy situation, we didn't want to rat on the IT guy, but we had to justify our actions. In a nutshell the guy really doesn't know what he's doing. He wasn't even sure what the difference was between full-duplex and half-duplex.

    We still have a lot more to get configured properly, but it looks like we are on the right track.
    Sliding down the banister of life ..........................

  6. #6
    javaallnight
    Guest

    Talking

    Roundeye,

    We had a similiar problem on our Fiber switches! What kind of switches are they using? Are they 3 com...if so I have your answer. 3 com requires you use specifically 568b or 568a when wiring your CAT5. It will run with other wiring schematics but not near as fast. You should also have a wiring schematic of 568b to 568a on like nodes.

    I would really need more information if I am going to help you!

    Javaallnight

  7. #7
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219
    Thanks for the offer. I guess by habit I wire all of the cables 586b. The hubs are Bay Networks which is now owned by Nortel.

    My next problem is that I have a hub or switch broadcasting 64 bit packets about every five seconds. I think it's a hub or switch because I can't get an IP on it. The only info I can get it the MAC address which is 00:01:81:FA:39:90 I looked it up and it's an address allocated to Nortel. It's not flooding the network, but the current IT guy thinks it's the problem with the network throughput, never mind the fact he only had 24K throughput when we first got there. We managed to get the network to three meg which is about 125 times faster.

    I also noticed a lot of netbios traffic being broadcasted from one of the BDC's causing some network traffic, not a lot though. I'm just not sure why this one server out of four is broadcasting like that though.

    The more I find wrong with the network, the more unfriendly the IT guy gets. He really starting to be a prick about things at this point to be honest. I think he might realize that he may lose his job over this since his boss had to bring in outside help.

    We really did find a lot of little things that were wrong, and a man with his claimed experience, should have been able to figure out.
    Sliding down the banister of life ..........................

  8. #8
    Moderator Bouncer's Avatar
    Join Date
    Oct 1999
    Location
    OCONUS
    Posts
    4,834
    The 64 bit packets sounds like a MAC address broadcast.

    Which makes me wonder if some device on that link isn't ARPing a lot, and the switch responding.

    Regards,
    -Bouncer-

  9. #9
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219
    Bouncer, thanks for the input.

    Is there any way I can capture the data, without having an IP?

    I used Telnet to get into some of the switches today. I looked at the mac address mappings to get a better idea of which port the other mac address is on. After Telnetting into about six switches, I found the mac I was looking for. It was on port 13 which uplinks to a hub. Now my next problem is that port 13 shows ten mac addresses since it uplinks to a hub. Connected to the hub in question is a couple of print servers and the rest of the ports are PC's. I guess it's time to start pulling cables out of the hub untill the broadcast stop.

    Eventually I will find the elusive device that's barking out broadcast on this network.

    It's a personal vendetta now.
    Sliding down the banister of life ..........................

  10. #10
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,942
    Jet Direct card awaiting configuration?
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  11. #11
    Moderator Bouncer's Avatar
    Join Date
    Oct 1999
    Location
    OCONUS
    Posts
    4,834
    I've done the same thing. Pull the wires to see which stops the bcasting/storming.

    There's probably a device on the other side of the hub broadcasting for an address, via DHCP. The hub is just repeating this towards the switch who is helpfully trying to find the DHCP server out it's own interfaces.

    I'd do an ipconfig on any of the hosts connected to the hub to see if one has dual eth cards or for some reason has stacked addresses (two ip stacks on one card).

    ... or you could just pull the cable till the lights go out which is probably faster.

    As for capturing the data, there's a couple of sniffer programs out there, you just need to hook it directly to the hub.

    Here's a list, some are freeware and work decently well:
    http://tangentsoft.net/wskfaq/resources/debugging.html

    Regards,
    -Bouncer-

  12. #12
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219
    Bouncer,
    Thanks for the link. Next Wednesday I should be able to get to the bottom of this. They bring the network down for one hour to back up two Unix servers that they have. Since they run 24/7 I can't just start yanking cables right at this time.

    I have my suspicions that it is a print server that is configured for Unix but not for TCP/IP, like YeOldeStonecat mentioned.
    I know squat about Unix and I think they have them configured for a UNC path. I've been unable to determine how the printers are connected to the Unix servers and when I asked the on-site IT guy all I got was, "hey that's why your here, you figure it out"

    I've only been working on computers for about eight months now so troubleshooting this has been a fun/educational/challenging experience for me. That's why I think their guy should have been able to find all of these problems.
    Sliding down the banister of life ..........................

  13. #13
    Moderator Bouncer's Avatar
    Join Date
    Oct 1999
    Location
    OCONUS
    Posts
    4,834
    Really? He said that?

    My response has always been: "Okeydoke, Let's take your lack of cooperation up with your boss, as he's the one paying your salary and my bill."

    Regards,
    -Bouncer-

  14. #14
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219
    Originally posted by Bouncer
    Really? He said that?

    My response has always been: "Okeydoke, Let's take your lack of cooperation up with your boss, as he's the one paying your salary and my bill."

    Regards,
    -Bouncer-
    Yep, to say he's been uncooperative is an understatement. I was told by my boss to just grin and bear it for a short time (he knows what I'm up against and is behind me), and to document everything that was said and any changes that we made to the network. My boss and the "IT guy's" boss met at their kids little league baseball game, so things are getting back to upper management "behind the scenes".

    A full report will be disclosed to his boss when the job nears completion.

    As of Friday any changes that we made have had a positive effect. No files or packets have been dropped and the transfer rate is staying consistent now. I may have to fly to their other branches now and do the same thing. The IT staff at the other branches have been very helpfull, but to be honest, they are not much more then office managers with a strong computer background. Maintaining the network is not their main job.

    Thank you and YeOldeStonecat for the help, it's meant a lot to me.

    .... I may be ready to get off the porch and run with the big dogs now.
    Last edited by RoundEye; 03-11-02 at 12:05 AM.
    Sliding down the banister of life ..........................

  15. #15
    SG Enthusiast
    Join Date
    Jun 2000
    Location
    Columbus, Ohio
    Posts
    4,438
    That is a tough situation to deal with.

    A couple ideas that may help.

    If you have to say or write anything, make each point as concise as possible.

    If it is a factual issue, state its as "I believe" or As I understand it"

    The words, "you", "he", and "they" should be avoided at all costs.

    Now, when these things get discussed, they get discussed in a non-critical manner, or a manner that is critical of you.

    "I disconnected all the computers and print servers from switch A, and when I disconnected printserver B, the broadcasting stopped."

    Either you are right or you are wrong. The IT guy has no way to go except to say that you are right or wrong. If you blow one, well, that happens. You stand up to it.

    Last time I had to do this in writing the guy was axed on the spot. I didn't want that, but there was no other solution.

    It ain't much fun, but you learn a lot.

    Kip

  16. #16
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219
    Originally posted by Kip Patterson
    .......Last time I had to do this in writing the guy was axed on the spot. I didn't want that, but there was no other solution.

    It ain't much fun, but you learn a lot.........
    That's exactly what I don't want. I don't want to be the cause of someone losing their job, especially after seeing pictures of his wife and two kids on his desk. On the other hand, if he knew what he was supposed to know, his job would not be in jeopardy.


    ....it really is a dog eat dog world...
    Sliding down the banister of life ..........................

  17. #17
    Regular Member Partial's Avatar
    Join Date
    Feb 2002
    Location
    Virginia
    Posts
    234
    Cmon...

    This isn't a dog-eat-dog situation. This guy doesn't know what he is doing and he is feeling the pressure now because he might lose his job. But he won't lose it because of bad performance, or disappointing his boss or showing up to work late. He will lose it because he is not capable of the responsibilities that he has. He is doing just enough to get by which is not enough. It sounds like too much responsility for a single IT guy anyway. This guy is costing the company money and probably creating more security/efficiency/performance problems in the process.

    Its difficult not to be condsiderate of a guy with a wife and kids, and we should be considerate and respectful. But some changes need to be made. The guy needs to be trained or put under a new senior Net Engineer. Roundeye, you just need to be professional and completely objective. You don't have the power to fire this guy. Present the situation as is to the boss without pointing fingers, and let the boss ask the questions and figure out why the problems were there. Hopefully they can keep him in some way, or he may just have to find another job.

  18. #18
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219
    Ready for an update? OK....here goes.....

    After a conference with my boss, his boss and the "IT guy" he got a lot more co-operative, but not completely. I say this because when I went back on Wednesday the network was at a crawl again. I was assured by the IT guy that after he changed a switch the network would be up to speed again. It did get up to speed after the switch was replaced. I later found out he was there untill two in the morning "fixing something". Also the MAC address I was looking for (00:01:81:FA:39:90) just dissappeared off the network. I have no clue where it went, but after scanning the network again I still can't find it. I don't think it was a laptop that someone took home either.

    Here's my next mystery, I seem to have a switch that has two MAC address's and one of them is just broadcasting on the network. In the pic you can see it (00-04-DC-F9-69-69) and the IP I had to use to Telnet into it (10.220.50.121) which is tied to MAC 00-04-DC-F9-69-68. ( I edited out computer names)

    Just another note the IP 10.220.200.155 is my laptop.



    Also why is the IP showing a MAC address when I Telnet into the switch in question?



    And why would there be so much broadcasting going on? (look at the 69-69 MAC, and the 69-68 MAC is not on the list)

    Last edited by RoundEye; 03-17-02 at 10:12 PM.
    Sliding down the banister of life ..........................

  19. #19
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219
    Update part II:

    Here's some of the changes that I made on the network to speed up file transfer from "computer A" to the Unix server. "Computer A" has to FTP files to the Unix server multiple times during the day, and the speed was real low. Keep in mind that this network has about 130 nodes consisting of laptops, desktops, networked printers, Unix and NT servers and two remote locations via a 256k link. I'm no artist either.

    Before



    Now what I did was get a bunch of the duplex settings corrected in the switches. Since throughput was low on computer "A" I ran two more cat cables to help with throughput. There was approx. 60 PC's connected to hubs 4, 5, 6 and they all shared one line to fiber switch 3. I did this because in order for computer "A" to get data to the Unix server it had to go through hubs 6, 5, 4, then to the fiber switches 3 and 7. I also changed the way switches 1, 2, 3, were uplinked. After I did this throughput from computer "A" to fiber switch 7 went from around 24k to about 1.8 meg, depending on other network traffic.

    Questions:
    Are switches 1 and 2, and hubs 4, 5, 6 uplinked properly to the fiber switch 3 now?

    Can the throughput be improved any?

    After

    Sliding down the banister of life ..........................

  20. #20
    rchris494
    Guest

    DUMP THE HUBS!

    get rid of hubs they have way to many collisions and they suck! if the want to invest in something that is worth while get a brouter! bridge/router. the best would be a cisco. there is only one place in the world for a HUB and that is the trash can. a hub could never send an IP packet to the right spot if it tried! hubs are only good for slowing down networks cause they broadcast the packet to all computers switchs and what ever they will send any IP packet in all directions. or even go to a cheap router where those hubs are! every where a hub = JUNK! and repalce it with anything but a HUB! as for mac address everything that has to do with networking uses a MAC address it is standard. but hubs will send IP packets out even when the whole network is at rest!

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •