Shulou(Shulou.com)06/01 Report--

Network fault analysis

I. slow access to network applications

Detailed description of fault:

(1) the access speed between private network hosts of the same VLAN is very slow, such as PING each other, copying files from network neighbors, and so on.

(2) the access speed of hosts between different VLAN is very slow.

(3) the intranet host can open the web page, but the speed is very slow.

(4) when the private network host PING the public network domain name or DNS server, the return time is longer.

(5) all kinds of applications in the network appear intermittent phenomenon.

(6) when the intranet host opens a business system in the network, the response is very slow, even in a state of false death.

Classification of causes of failure:

(1) Network packet loss

1) packet loss of network devices

2) Network congestion

3) improper configuration of MTU

4) Network *

5) improper configuration of load balancing equipment

(2) large network delay

1) delay of the device

2) Transmission distance delay

3) loan delay

(3) slow application response

1) slow TCP connection

2) slow application transaction processing

(4) the response of relevant application servers is slow.

1) slow response of DNS server

2) slow response of database server

3) other related services are slow

Detailed causes and solutions of the failure:

Packet loss for network devices:

The Clay network backtracking analysis system adopts the way of multi-terminal deployment to compare the data packets at both ends of the key equipment in the network to determine whether the device is lost or not, so as to accurately locate the packet loss device.

Recommended solution:

1) update the device configuration in question.

2) replace the network device with the problem.

For network congestion:

Kelai network backtracking analysis system is used to monitor the traffic occupancy of key links (usually egress links) to check whether the network utilization is too high, whether there are too many packets per second, whether the packet size distribution is reasonable, whether the TCP session is normal, and so on.

Recommended solution:

1) if the cause of network congestion is caused by abnormal traffic such as P2P, virus, * *, these traffic needs to be controlled.

2) if the cause of network congestion is that the network bandwidth is too small, we should consider increasing the network bandwidth.

Misconfigured for MTU:

Use Kelai network backtracking analysis system to collect key link data, check the transmission MTU value, and then check the MTU equipment of the key equipment in the network.

Recommended solution:

Set the appropriate MTU value.

For the network *:

Through Kelai network backtracking analysis system to monitor key links, real-time find abnormal networks in the network *, according to Kelai intelligent diagnosis, quickly determine whether there is an abnormal network in the network *.

Recommended solution:

Check and block according to the address judged by intelligent diagnosis.

Improper configuration for load balancing devices:

Through multi-terminal deployment, the Kelai network backtracking analysis system monitors the distribution of traffic after load balancing, and determines whether it is used for load balancing equipment to allocate packets to the wrong link to cause packet loss.

Recommended solution:

Rational allocation of load balancing strategy

For high network latency:

By using the Kelai network backtracking analysis system, the multi-segment deployment method is adopted to compare the delay of TCP packets transmitted by the two ends of the key equipment in the network, and to analyze and locate the devices that cause the delay.

Recommended solution:

1) update the configuration of the device that causes the delay.

2) replace the network device that caused the delay.

For transmission distance delay:

Analyze the time interval of the three-way handshake packet in the TCP connection, view the client network delay, server network delay, and locate the delay location.

Recommended solution:

Multi-connection or other transport layer protocols are adopted to avoid the impact of network delay on TCP transmission.

For bandwidth latency:

By analyzing the performance of TCP transmission, determine whether there is a bandwidth delay look. The effect of bandwidth on transmission delay is determined by calculating the amount of data transmitted and the capacity of link bandwidth.

Recommended solution:

Increase network bandwidth

For slow TCP connections:

Using Kelai network backtracking analysis system to capture application communication data, by defining the application to directly view the three-way handshake delay, and the client and server delay, quickly determine whether the slow TCP connection occurs in the client or the server.

Recommended solution:

Improve the transmission performance in the network transmission process.

Slow transaction processing for applications:

The Kelai network backtracking analysis system is used to capture the application communication data, and by defining the application to directly view the client request time and the server response time, we can judge whether the server has the phenomenon of slow application transaction processing response.

Slow response to the DNS server:

Use Kelai network backtracking analysis system to capture DNS communication data, analyze DNS request and response packets, and check whether there is a slow response of DNS server.

Recommended solution:

Optimize the software and hardware settings of DNS server.

Slow response to the database server:

The Kelai network backtracking analysis system is used to capture the database communication data, analyze the transaction processing request and response packet of the background database, and check whether there is the phenomenon of slow transaction processing in the database.

It is recommended to follow up with specific solutions:

Optimize the software and hardware configuration of the database server and optimize the database operation script.

Other related responses are slow:

Use Kelai network backtracking analysis system to capture application communication data, analyze transaction processing requests and response packets of other related services, and check whether there is a phenomenon of slow transaction processing.

Recommended solution:

Optimize the software and hardware configuration of related services.

Second, the network and applications cannot be accessed.

Detailed description of fault:

(1) the intranet host cannot communicate with any application of the Internet, such as web page, mail, QQ, FTP and so on.

(2) the private network host PING cannot access the DNS server and the domain name of the website.

(3) the intranet host can go to QQ, but the web page cannot be opened.

(4) Intranet hosts cannot access a specific application service of the network.

Classification of causes of failure:

(1) the network is unreachable

1) physical link is down

2) Network equipment downtime

3) serious packet loss

4) denial of service *

5) the route is unreachable

6) Policy interruption

(2) the application is unreachable

1) Application downtime

2) Application denial of service

3) Policy interruption

(3) the application is unresponsive.

Application fault

(4) related applications are unresponsive.

1) the DNS server is not responding

2) the database server cannot connect

3) other related services cannot be connected

Detailed causes and solutions of the failure:

For physical link outages:

Use the PING to locate the breakpoint and view the network device and physical link status to determine if there is a link outage.

Recommended solution:

Restore link connectivity.

For network device downtime:

Use PING to locate breakpoints and view the status of network devices and physical links to determine if there is network device downtime.

Recommended solution:

Restore the normal operation of the device.

For severe packet loss:

Kelai network backtracking analysis system is used to monitor key links to see if there are a large number of retransmissions of TCP data streams in the links. If so, it shows that there are a large number of packet losses in the network. Determine if there is a large number of packet losses through the PING target host. At the same time, the packet loss device is located by segmented capture and analysis of packets.

Recommended solution:

1) if the packet loss is caused by abnormal traffic such as P2P, virus, * *, these traffic needs to be controlled.

2) if the reason for packet loss is the packet loss of a device, you can consider reconfiguring or replacing it.

For denial of service *:

The Kelai network backtracking analysis system is used to monitor the key links, quickly judge whether there is a denial of service in the network through the intelligent alarm system, and quickly locate the source.

Recommended solution:

Locate the source and block it.

For unreachable routes:

Kelai network backtracking analysis system is used to monitor the key links and analyze whether there are unreachable CMP packets in the captured packets. Analyze unreachable destination address routes through the tracert command.

Recommended solution:

Update the routing configuration of the router.

For policy outages:

The Kelai network backtracking analysis system adopts the way of multi-segment deployment to compare the data packets at both ends of the security devices in the network and locate the endpoints to see if the access control policies of security devices such as firewalls block the application communication.

Recommended solution:

Fix access control policies on devices such as firewalls.

For application downtime:

Use Kelai network backtracking analysis system to capture application communication data, customize the application and monitor the application, and timely early warning through the application alarm when there is an ing outage.

Recommended solution:

Check the application service status on the server side.

Denial of service for applications:

According to Ke Lai intelligent alarm view and location, generate * * address.

Recommended solution:

Find and block the source by DOS/DDOS and other *.

For application failures:

Kelai network backtracking analysis system is used to capture application communication data, which can be customized, applied and monitored for a long time, and the application request and response status can be checked. If the server does not respond to the request, the server may have problems.

Recommended solution:

Check the working status of the application, find the BUG of the application, or restart the application, restart the server.

No response to the DNS server:

The Clay network backtracking analysis system is used to capture DNS communication data, analyze the relevant DNS request and response packets, and see if there is a situation in which the DNS service is unable to resolve the application address normally, resulting in unable to connect to the application server.

Recommended solution:

Check the software and hardware of the DNS server and restore the DNS service.

Unable to connect to the database server:

Using Kelai network backtracking analysis system to capture database communication data, analyze the relevant database requests and response packets to see if there is a database server that does not respond, resulting in the failure to provide normal transaction processing.

Recommended solution:

Check the configuration of the database service to ensure that the database service is normal.

Unable to connect for other related services:

Use Kelai network backtracking analysis system to capture application communication data and analyze the transaction processing of other related servers.

Recommended solution:

Optimize the software, hardware and policy settings of related services to ensure the normal provision of services.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.