Microsoft Network Monitor - Experts
Written by Mike James   
Wednesday, 12 May 2010
Article Index
Microsoft Network Monitor - Experts
Using an Expert

Selecting an Expert

Next with the conversation highlighted select Experts, TCP Analyzer, Launch Expert and wait for a few seconds while the packets involved in the conversation are analysed.  If you don't select a conversation the TCP Analyzer will pick the first conversation in the list.

When the Expert window opens you will see a text summary of the data. The host that started the conversation is labelled  A and the other end is labelled B. You can see the IP address and the port used - if the host is behind a NAT router then the port used will be something other than 80. You will also see the data rate and other useful statistics. If you click on Analyze,RTT the average round trip time will be displayed and other statistics prepared for the chart.

To display the charts simply click on Analyze, Graph when the three small charts to the left will be populated. If you click on one of the small graphs a zoomed area close to the click is displayed in the large chart to the right. The charts show the packet sequence number for A and B (top and bottom respectively) plotted against time. Sequence numbers give the number of bytes transmitted in the conversation so far.

tcpana

With enough data these two charts can let you understand how the exchange processes in terms of packets sent, acknowledgments received and so on up to the Finish packet that closes the connection and conversation. What you need to look out for in analysing the connection are any discontinuities - i.e. out of order packets, retransmission and lost packets. The receiver window data tells the sender how much data it is ready to receive and hence this gives you some idea of how well the receiver is coping with the data.

Different chart patterns reveal different types of throughput limitations of the connection but you don't usually have to worry about working this out. If you click on the Analzye,Flow option the expert will use this data to work out what, if any problems there are and inform you with a short message such as "doesn't appear to be bandwidth limited", "Receiver limited", "Sender limited" and "Congested limited".  Essentially what you want to see is a steady stream of data any clumping is evidence that the exchange is limited by something other than the bandwidth.

There is a lot of information in a single analysis and you need to really understand the way a TCP connection works to make sense of it.

Banner


Setting Up Site-To-Site OpenVPN

Setting up a point-to-point VPN is relatively easy but site-to-site is much more complicated involving certificates and more IP addresses than you can count. Find out how to do it using OpenVPN.



Disk Drive Dangers - SMART and WMI

Getting access from an application to the hardware is never easy. If you want to know how well your disk drive is performing then there is a way of accessing the SMART data - including the temper [ ... ]


Other Projects

<ASIN:0596008406>

<ASIN:1593271794>

<ASIN:0735625158>

<ASIN:0470496649>

 



Last Updated ( Wednesday, 12 May 2010 )