Manuals / Finisar / Computer Equipment / Network Card

Finisar Surveyor manual Alarm Example, MAC Errors

Models: Surveyor

1 454

Download 454 pages 42.92 Kb

Page 200

Surveyor

User’s Guide

Alarm Example, MAC Errors

Figure 9-7. Alarm Example, MAC Errors

This example shows an alarm group consisting of five MAC Layer alarms: Errors (two alarms), Oversize Frames, CRC/Alignment, and Fragments. Each of these alarm counters are checked at five-second intervals. When an alarm threshold for any of these five alarms is exceeded, Surveyor issues an audible alarm and displays a message in Surveyor’s message window.

Assume that overall error rate is of particular interest in this example. The Severity setting instructs Surveyor to include a Warning message with all alarm messages when the error rate is greater than 250. The Actions setting instructs Surveyor to send an e-mail message whenever the rising value (threshold) for the overall error rate exceeds 250.

9-16

Image 200

Finisar Surveyor manual Alarm Example, MAC Errors

Contents

Surveyor Trademarks and Copyrights Finisar Software License AgreementLicense TermLimited Software Warranty Restricted Rights LegendPatent and Copyright Indemnification Limitation of LiabilityCustomer Support Phone Customer Support FAXInternet Address World-Wide Web Mailing AddressTable of Contents Configuring Surveyor SurveyorResources and Modes ViewsTransmit Specification Capture and Display FiltersAlarms 10-110-15 10-58 10-102 Multi-QoS 11-112-1 13-1Counters UtilitiesImplementation Profile Pre-Defined Filter TemplatesKeyboard Shortcuts Parser NamesList of Figures 10-1 List of Tables Application Layer Host Table View, Table Column Descriptions 11-21 11-8 Surveyor Introduction Function Description Surveyor FunctionsSurveyor Functions Introduction Analyzer Devices Protocols SupportedFinisar Analyzer Devices Finisar Device DescriptionXNS AppleTalk Phase2 DECnet PhaseOracle Suite IPX/SPX Suite Banyan Vines SuiteIBM ISO Whats New in Release Capture to Disk and THGsE Analyzer SupportDisk Caching Capture ManagementNew and Enhanced Protocol Decodes Expanded Multi-QoS SupportSmnp Extended Agent Surveyor System Requirements System RequirementsRAM PIIDesktop PC Upgrading SurveyorSupported Analyzer Cards and Network Adapter Cards Installing Surveyor Installing Analyzer Hardware Installing Analyzer Hardware in a Desktop PCInstalling the THGm, Windows NT Installing THGm, Windows 2000/XPInstalling Analyzer Hardware in a Notebook PC Cdrom Installation Installing More Than One Analyzer Card in a Notebook PC Compatibility Matrix Hardware/Software Compatibility MatrixSurveyor Surveyor System Launching SurveyorDefault Account Names, Passwords and Privileges Basic Navigation Tips Surveyor Getting Started Module Toolbar Summary View Buttons and ToolbarsSurveyor Toolbar Buttons and Toolbars Detail View Toolbar Getting Started Data Views Toolbar Getting Started Surveyor Design window Filter Design ToolbarFilter States Design Toolbar Surveyor Capture View Toolbar Surveyor Getting Started File Formats Providing a Name Table to Surveyor Establishing Links for THGm Docking Windows Configuring the InterfaceCustomizing Views and Windows Capture View Display Options Configuring Surveyor Setting Histogram Colors Histogram OptionsSetting Histogram Zoom Factor Setting the Histogram Download SizeSetting the Monitoring View for a Module Choose Monitor View PreferencesConfiguring Chart Views Table ViewsModule Settings Properties Hardware Device PropertiesDefault Module Settings Module Setting Default ValuesBuffer Size Packet Slice Slicing SizeExpert Analysis Mode Non-Well-Known-Ports ModeStop-and-Save Capture Buffer ModesSystem Settings Monitor M-QoS Only ModeConfiguring Ports to Scan WKP4620Configuring Remote Communications RSP Time Out valueSetting Update Timers Protocol Color CodingDefault Display Timer Settings Display Timer Default ValueDisk Capture Location Disk OptionsCache File Location Configuring Alarms Configuring Counter LoggingHistory Log File Settings and Default Values Log Setting Mmddhhmm.ss Mmmonth ddday hhhour mmminute sssecondConfiguring a Multi-Port Tap or Switch Configuring a Multi-Port Tap or Switch Settings for Analyzer Devices Setting the Local COM Port for Taps and SwitchesConnecting a Tap with THGs or THGsE Resetting an Analyzer DeviceClick the Reset Host/Image Upgrade button Updating an Analyzer DeviceSurveyor.ini File Advanced ConfigurationCustomizing Expert Diagnostic Information Mapping= port num,short name,long name Assigning Names to Protocols MonitorMONITOR.INI Format Port num Short nameLong name MONITOR.INI ExamplesMapping=2900,VIDEO,Video Audio Network Communicator Mapping=921,CXP,Company X ProtocolMapping=6063, XWIN6063,X Windows on port How Surveyor Assigns Protocol Names Monitoring Well-Known Ports11. Default Names for Non-WKP TCP Ports 12. Default Names for Non-WKP UDP PortsMonitoring Non Well-Known Ports Name TCP port valuesAssigning TCP or UDP Ports to Protocol Parsers Mapping=port num,ip addr,parser name,name Port numIp addr Parser nameParser Names Surveyor Resources and Modes Resource BrowserRemote Resources Surveyor SoftwareNaming Remote IP Resources Aliases Host Properties Dialog Box for Establishing an AliasPrivilege Description Resource ProtectionRemote User Privileges Settings option from the Module ModesHardware Devices Surveyor Resource Modes Description Resource TypeHardware Device Capabilities Ndis Synchronized ResourcesHardware Device Capabilities Hints and Tips for Resources Surveyor Views Static Data Tab Description/Action Summary ViewModule Window Tabs Within Summary View Detail View VlanDetail View Using Capture + Monitor Mode in Detail View Summary Pane Capture ViewCapture View Window Configuring the Capture View Display Creating Filters from Capture ViewExporting and Printing Decodes Display OptionsHistogram Options Other OptionsHistogram Color Coding Histogram Display and Button ControlsViews Histogram Display Showing Colors Histogram Default Colors Histogram Display, Large Capture ExampleHistogram Button Controls Histogram Mouse Controls Sizing/Selecting Areas with the MouseRight Mouse Options in the Histogram Saving Portions of the DataLine Graph or Stair Step Linear Scale or Logarithmic ScalePacket Editor Resume AnalysisPacket Editor Buttons Button Description/ActionData Views Editing in Decode ViewEditing in Hex View Ring Statistics View Token Ring OnlyMAC Statistics View Rx MAC Statistics View CaptureMAC Statistics View Tx Frame Size Distribution ViewChart Protocol Distribution ViewProtocol Distribution View, Chart Buttons Protocols Chart Button Description/ActionProtocol Distribution View, Chart Buttons Packets NETUtilization/Error View Protocol Distribution View, Graph Type ButtonsDisplay Button Description/Action 10. Protocol Distribution View, Table Column DescriptionsHost Table View 11. Host Table View, Table Column DescriptionsNetwork Layer Host Table View 12. Network Layer Host Table View, Table Column Descriptions Application Layer Host Table View Host Matrix View 14. Host Matrix View, Table Column Descriptions Network Layer Matrix View 15. Network Layer Matrix View, Table Column DescriptionsApplication Layer Matrix View 16. Application Layer Matrix View, Table Column Descriptions VlanVlan View Table Column Description Address Mapping View17. Vlan View, Table Column Descriptions Duplicate Address View Expert plug-in only 18. Address Map View, Table Column Descriptions19. Duplicate Address View, Table Column Descriptions Vlan IDMulti-QoS View Multi-QoS software only Expert View Expert plug-in onlyApplication Response Time View Expert plug-in only Hints and Tips for Using Views Surveyor Filter Design window Getting Started with the Filter InterfacePress the Create/Modify Capture Filter Creating Filters with Filter Templates Available Filter Templates boxAdd Port Numbers to Custom Filter Templates Sample Filter Design window is shown below Creating and Applying a Conversation Protocol and Frame TypeStation Addresses ISL, Q+EV2Traffic Direction Indicator Apply Conversation to Template Check BoxCreating and Applying a Port Number Selecting Filter TemplatesDefining Port Numbers Conversation Element DescriptionCustom Templates Based on Pre-Defined Templates Multiple Byte Patterns in Filter TemplatesCreating Custom Filter Templates Custom Templates Based on Specification of Byte Patterns Entering Values that Cross Byte Boundaries Bit-Level Filtering Filter Creation Creating Filter Template CombinationsFilter Actions Operator Buttons for Template Combinations DescriptionNot Template Combination boxActions for Capture Filters Capture Filter ActionsAction Description Packets until the buffer is %% full fieldDisplay Filter Actions Actions for Display FiltersCounter Conditions for Filters Global Values that Affect Capture Filter Actions Frame TypesCapture Filter Global Values Capture Filter Global DescriptionMulti-State and Multi-Statement Filters Frame types are shown in TableExample Filter States Design Window Filter Structure GoTo Current State Filter StatesChanging States Changing Filter Operation Filter Statements Activating Capture Filters Capture and Display Filter DifferencesActivating Display Filters Filter Examples Filter Example, Capture ConversationSurveyor Filter Example, Template Combination Filter Design Window, Template Combination ExampleSurveyor Filter Example, Capture TCP Port Traffic Filter Design Window, Capture TCP Port ExampleSurveyor Filter Example, Advanced Filter Advanced Filter, Filter States Design WindowRules of the Capture or Display Filter Hints and Tips for Using Filters Filtering Tips Unique to THG-class Devices Transmit Specification Transmit SpecificationsTransmit Specification Dialog Box Defined Streams List BoxRadio Buttons and Fields for Defining a Stream Transmission Mode and Status Controls Transmit Specification Control ButtonsStream Buttons Stream Function ButtonsRepeating Frames Transmit Specification Control ButtonsControl Button Transmit Specification Function Surveyor Stream Mode Rate Setting Stream ModesBursts Stream ModesPacket Editor Transmission ModeSpecifying Transmit Data Changing Fields Directly in the Dialog Box Packet Editor Button Editing FunctionDA and SA Fields Packet TypePacket Size Data FieldUsing Templates Creating TemplatesTransmit Specification Examples Transmitting Capture FilesTransmit Specification Example, Packet Gaps Transmit Specification Example, Bursts Transmit Specification Dialog Box, BurstsHints and Tips for a Transmit Specification Surveyor Alarms Current Module Alarms Current Module AlarmsAlarms Mqos Alarm EditorAlarm Editor Description Multi-QoS Alarms Data Link Layer, Ethernet Expert AlarmsTransport Layer Using Alarms with Different Devices YESThresholds and Alarms Alarm Actions Alarm Actions Description Support by Host TypeLog File Settings Mail SettingsAlarm Actions SettingsPager Settings Snmp Trap SettingsTrap Settings for THGs Trap Settings for Surveyor Hosts Viewing the Alarm List and the Alarm Log Hints and Tips for AlarmsAlarm Examples Alarm Example, UtilizationAlarm Example, MAC Errors Alarm Example, MAC ErrorsAlarm Example, Frame Size Alarm Example, Frame SizeAlarm Example, VoIP Calls Alarm Example, Call Jitter and Call Setup TimeAlarm Example, Expert and Application Response 10. Alarm Example, Expert and Application ResponseSurveyor Expert Features Expert System Views Getting Started with Expert ViewApplication Response Time View Duplicate Network Address ViewExpert Features Expert Overview Details Expert Overview Detail Table Example Expert Layers Layer DescriptionExpert Application Layer Example 10-8 Expert Symptoms and Analyses by Layer Expert Analyses Tables in the Detail Area for Symptoms Expert Symptoms, Analyses, and Network EntitiesSymptoms Entities AnalysesTables in the Detail Area for Analyses Entities for the Transport Layer Example Network Lists for Entities Application/Session Lists for EntitiesTransport Lists for Entities Data Link Lists for Entities Expert Diagnostic Messages Expert Diagnosis ExampleConfiguring the Expert System Working with the Expert SystemModule Settings for the Expert System Setting Expert AlarmsWorking with Timestamps Exporting Expert DataPrinting Expert Data Application Response Time Working with Analyzer DevicesRate of change of SMB Mailslot Broadcasts=40 Application LayerExcessive Mailslot Broadcasts Login attempts=4 FTP Login AttemptsExpert Symptom Missed Browser Announcement Time passed since last announcement=4000 ms 3000 msNCP File Retransmission Between 00000010.0207012303E3 and 302A9950.000000000001NCP Read/Write Overlap NCP Request Denied Requests denied within 100 ms=5NCP Request Loop Loops on same request in 100 msNCP Server Busy Rate of change of NCP Server Busy=5NCP Too Many File Retransmissions File retransmission ratio is 8 / 28 = 28%NCP Too Many Requests Denied Requests denied ratio is 8 / 28 = 28%NCP Too Many Request Loops Requests loops ratio is 8 / 28 = 28%NFS Retransmissions No Http Post Response Http Post request not respondedNo Server Response Smtp server not respondedSlow Http GET Response Slow Http GET response=3608 ms 2000 msSlow Http Post Response Slow Http Post response=2918 ms 2000 msSlow Server Connect Slow FTP server connect=298 ms 200 msSlow Server Response Slow Smtp server response=1258 ms 1000 msSMB Invalid Network Name Invalid network name in tree connectSMB Invalid Password Invalid passwordWins request not responded within 1000 ms Session LayerNo Wins Response TNS Slow Server Connect Slow TNS server connect=298 ms 200 msTNS Slow Server Response Slow TNS server response=238 ms 200 msTransport Layer Idle Too LongNon Responsive Station Station 206.250.228.11 not respondingTCP Checksum Errors SA=206.250.228.69 DA=206.250.228.11TCP Fast Retransmission TCP Frozen Window 10-48 TCP Long Ack TCP Repeat Ack Acknowledgement number is less than the one beforeTCP Retransmissions TCP RST Packets TCP SYN Attack Rate of change of TCP SYN’s=150Data length of 128 bytes exceeds last window size TCP Window ExceededCount TCP Window Probe Between 206.250.228.69/TCP/IP WKP1988 206.250.228.11/SMTPTCP Zero Window Expert DiagnosisToo Many Retransmissions Retransmission ratio is 49 / 50 = 98%Addr=206.250.228.67 Network LayerDuplicate Network Address Hsrp Coup SA=206.250.226.11 DA=206.250.228.69Hsrp Errors Hsrp Resign Icmp All Errors Parameter ProblemDestination Unreachable Source Quench RedirectIcmp Bad IP Header Icmp Destination Host Access Denied Cannot be reached by SA=206.250.228.11 DA=206.250.228.69Icmp Destination Host Unknown Icmp Destination Network Access Denied Icmp Destination Network Unknown Icmp Destination Unreachable 10-69 Icmp Fragment Reassembly Time Exceeded Icmp Fragmentation Needed D/F set Icmp Host Redirect Icmp Host Redirect for TOS Icmp Host Unreachable Icmp Host Unreachable for TOS Icmp Inconsistent Subnet Mask Addr=206.250.228.69. Subnet mask=255.255.255.240Icmp Network Redirect Icmp Network Redirect for TOS Icmp Network Unreachable Icmp Parameter Problem Icmp Port Unreachable Icmp Protocol Unreachable Icmp Redirect Icmp Required IP Option Missing Icmp Source Quench Icmp Source Route Failed Icmp Time Exceeded Icmp Time to Live Exceeded Illegal Network Source Address Addr=255.255.255.255IP Checksum Errors IP Time to Live Expiring TTL=1 SA=206.250.228.69 and DA=206.250.228.11ISL BPDU/CDP Packets ISL Illegal Vlan ID Vlan ID=1036Ospf Broadcasts RIP Broadcasts Router Storm Rate of change of Router Broadcasts=5Same Network Addresses Addr=255.23.252.6SAP Broadcasts Total Router Broadcasts Unstable MST Rate of change of Topology=10Zero Broadcast Address Addr=0.0.0.0MAC Layer Bad FramesBroadcast/Multicast Storms Rate of change of Bcast/Mcast Packets=500CRC error with more than 63 bytes CRC Frame counterExcessive ARP Rate of change of ARP Requests=20Excessive Bootp Rate of change of Bootp/Dhcp Requests=25Excessive Broadcasts Excessive Collisions Excessive Multicasts CRC error with less than 64 bytes Fragment FrameIllegal MAC Source Address Addr=FFFFFFFFFFFFCRC error with more than 1518 bytes Jabber FrameNetwork Overload Utilization=42%New MAC Stations Oversized Frame Oversized frame has more than 1518 bytesOverload Frame Rate Overload Utilization Percentage Physical Errors Rate of change of Errors=450Runt Frame Runt frame has less than 64 bytesSame MAC Addresses Addr=00800F13A65BTotal MAC Stations Hints and Tips for Expert Features Configuration dialog box Summary of Expert Counters and SymptomsResponse Time Alarm editor Summary of Expert Features Summary of Expert Features TOS ISL BPDU/CDP Surveyor TCP RST Surveyor Multi-QoS Using Multi-QoS with Analyzer Hardware Protocols Supported by Multi-QoSMulti-QoS User Interface Overview Channel View Table Call Summary Range TableAll Calls Table Surveyor and Rtcp Jitter Values Summary Range GraphsCall Tables for a Specific Range Call Details for a Single CallConfiguring Multi-QoS Multi-QoS ConfigurationRefresh Options MQoS Window Management Alarm Log Monitor OnlyProtocol Type Timeout Value Multi-QoS Performance Optimization Call Filtering with Multi-QoSRed Phone All Calls TableH323 Field Descriptions for All Calls Table All Calls Table Field DescriptionsCall Jitter, Call Rtcp Jitter, Call Setup Time Call Range Graphs and SummariesMulti-QoS Configuration, Call Jitter Ranges Dropped Packets, Rtcp Dropped Packets Multi-QoS Packets Dropped Graph ExampleMulti-QoS Configuration, Packets Dropped Field Descriptions for Call Range Summaries Call Range Summary Field DescriptionsVQMon Metrics Multi-QoS R-factor Example Multi-QoS Configuration, R-factor Ranges Ranges for R-factors Network R-factor User R-factorUtilization Graph 10. Multi-QoS Utilization Graph ExampleField Descriptions for Call Details 11. Example Call Details Window H.323Sccp Call Field Descriptions FIDH.323 Call Field Descriptions Field Name DescriptionSIP Call Field Descriptions Field Name Channel Table Details 10. Unknown Call Field Descriptions12. Channel Table Example 11. H.323, SIP, or Unknown Channel Table Column Descriptions Multi-QoS 12. Sccp Channel Table Column Descriptions Playback PCMU/PCMA Data Filtering on Single ChannelsCall Playback Customizing Multi-QoS Table Displays Customizing All Calls or Range Summary TablesCustomizing Channel Tables 14. Multi-QoS Channel Table View Options, Sccp ExampleChoose Export Multi-QoS Data... from the File menu Exporting Multi-QoS DataExporting All Multi-QoS Data to CSV Format Exporting a Single Multi-QoS Table to CSV Format 11-34 Counter Type Description Packet CountersMAC Layer Counter Types Error Counters Custom CountersCounters Last frame received Expert Counters Network Unknown, Destination Host Unknown, Destination Net Overload Utilization Percent Surveyor Multi-QoS Counters Counter Log File OverviewLog Directory Structure Utilities Name Table Utility Utilities Building a Name Table From the Network NIS-to-Name Table Conversion Utility NIS2NAM output-name-tableSniffer Translator Utility Internet Advisor Translator UtilityGet Version Information Utility Sniffer Translator Utility, Tool Menu OptionsFrom the Tools menu, choose Merge Histogram Files Convert Capture Files to Histogram FilesMerge Histogram Files Extract Frames From a File Using a Filter Logging UtilitiesExport Utilities Exporting PacketsExporting Tables to CSV Format or Graphs to a Bitmap Exporting to Optimal CSV FormatExporting Counter Log Files to Excel Choose Export to Optimal Performance from the File menu13-11 13-12 Buffers How Resources Use BuffersTable A-1. Buffer Types Used By Surveyor Buffer Type DescriptionTable A-2. Resource Use of Buffers Resource Buffer UsageTable A-4. Hardware Transmit Functions Hardware DependenciesTable A-3. Hardware Real-Time Functions Table A-5. Hardware Capture Functions Table A-6. Hardware ConnectivityAbout Ndis Mode Captured PacketsCapture Rate / Transmit Speed CountersSet Capture Buffer and Packet Slicing Size Ndis Configuration OptionsSetting the Interface Pre-Defined Filter Templates Filter TemplatesARP MacdabroadcastHEX Fffffffffff MacdamulticastEigrp IcmpIgmp DECSAP IPX RIP IPXRsvp DNS TCP FTPHttp ImapSccp SmtpTCP TelnetDhcp DNS UDPMgcp UDP NB-DATAGRAMNTP RIP UDPSIP SnmpDsap HEXHEX F0F0 HEX E0E0 NmpiSnap HEX AAAA03Snaparp SnapcdpIslarp Isldns TCPIsleigrp IslftpIslldap HEX FfffffffffffHEX 01005EFFFFFF Islmgcp TCPIslsmtp IslsspIsltcp IsltelnetHEX 0B HEX 0CHEX 0D HEX 0F HEX 2AHEX 0E Nonmac Keyboard Shortcuts Function KeysStandard and Navigational Keys Keyboard Shortcuts Surveyor Recognized Parser Names Table D-1. Parser Names, DLC SuiteParser Name Protocol Table D-2. Parser Names, Applications and OthersTable D-4. Parser Names, Banyan Suite Table D-3. Parser Names, Apple Talk SuiteParser Name Protocol Name Table D-7. Parser Names, Fujitsu Suite Protocol Name Table D-5. Parser Names, Cisco Suite Protocol NameTable D-6. Parser Names, DECnet Suite Protocol Name Table D-8. Parser Names, IBM Suite Table D-9. Parser Names, Internet SuiteTable D-9. Parser Names, Internet Suite Protocol Name Table D-10. Parser Names, Internet Next Generation Suite Table D-11. Parser Names, Netware SuiteTable D-12. Parser Names, PPP Suite Protocol Name Table D-13. Parser Names, XNS Suite Protocol NameTable D-14. Parser Names, H.323 Suite Table D-15. Parser Names, ITU CodecsTable D-19. Parser Names, VPN Suite Protocol Name Table D-17. Parser Names, Other Multimedia Protocol NameTable D-18. Parser Names, Intel Suite Protocol Name Surveyor Glossary Alarm Browser Avvid Capture Mode Dram Expert View Log Files Ndis NIS Pause Sccp Token Error Transmit Specification WKP Index Index-2 Index Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10 Index-11 Index-12 Index-13 Index-14