Getting Started Is The Tough Part
Regardless of whether you are troubleshooting, baselining, installing or designing, getting accurate data is critical.
We’ve all heard that old saying “garbage in, garbage out” but what about “no data, no chance”?
When I present or teach, I always try to instill some basic concepts to help attendees, regardless of their role.
The first point is “get off your chair”. When possible, get off your chair and visit the site, or client, to get a proper perspective of the issue and the site, and to gather first-hand information. In the age of video calling, and with the ability to record video and photos from your phone, you can ask the client to ‘show you the issue’ or walk you around the site.
The second point is to document! Document anything: tools used, methodology, the switch make/model, IP addresses, port numbers, operating systems, etc. You would be surprised how helpful this information can be for you at a later date, or for someone else working with you.
No matter what you do, document or start with, just start with something. For example, I get many requests to help with application or device baselines. The first thing I ask is: how do you want to baseline? There are many options: you can use the SNMP port stats of your switch to watch load/utilization, review firewall logs for port numbers used, look at netstat output if it's Windows or Linux, or, lastly, capture packets.
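One way to turn the netstat option above into a baseline you can document and compare later, as an added example that is not from the original post. The sample output is constructed in the Linux `netstat -tan` layout, and the function names are hypothetical.

```python
from collections import Counter

# Constructed sample output in the Linux `netstat -tan` layout (not real data).
BASELINE_SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:5060            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:51514        192.0.2.1:443           ESTABLISHED
tcp        0      0 192.0.2.10:51520        192.0.2.1:443           ESTABLISHED
"""

LATER_SAMPLE = BASELINE_SAMPLE + """\
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:51600        198.51.100.7:6667       ESTABLISHED
"""

def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon so IPv6-style addresses survive."""
    addr, _, port = endpoint.rpartition(":")
    return addr, port

def build_baseline(netstat_text):
    """Return (listening ports, Counter of (remote addr, remote port)) for TCP."""
    listening, remotes = set(), Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Skip headers and anything that is not a 6-column TCP row.
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue
        local, foreign, state = fields[3], fields[4], fields[5]
        if state == "LISTEN":
            listening.add(int(split_endpoint(local)[1]))
        elif state == "ESTABLISHED":
            addr, port = split_endpoint(foreign)
            remotes[(addr, int(port))] += 1
    return listening, remotes

def compare(baseline_text, later_text):
    """Report listeners and remote services present later but not in the baseline."""
    base_listen, base_remote = build_baseline(baseline_text)
    later_listen, later_remote = build_baseline(later_text)
    return {
        "new_listeners": sorted(later_listen - base_listen),
        "new_remotes": sorted(set(later_remote) - set(base_remote)),
    }

if __name__ == "__main__":
    print("baseline:", build_baseline(BASELINE_SAMPLE))
    print("changes:", compare(BASELINE_SAMPLE, LATER_SAMPLE))
```

Save the raw netstat text alongside the summary so the baseline stays part of your documentation.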
When I started working with packet analyzers, I would capture packets while on hold, or at any other opportunity, so I could get comfortable with the tool and with interpreting the results BEFORE taking it out in the field.
The critical part of performing packet captures is to note whether you captured your packets using a span port, a hub, a tap, or directly from the device. The most common techniques I see out there are a span port or a tap.
When it comes to taps, they are not all built the same, nor do they have the same features. Make sure you get the one that fits your needs. For example: is it a packet broker, does it pass PoE through, what interface does it use to connect to your computer, how user-friendly is the software, etc.
In this short video, I show you how I connected a Profitap ProfiShark inline to capture a phone’s bootup for baselining and troubleshooting.