Top 5 Causes of Sudden Spikes in Traffic

Top 5 Causes of Sudden Spikes in Traffic That Show Up on Bandwidth Monitoring Solutions

FOR IMMEDIATE RELEASE: 06.11.2006

PORTLAND, Ore. and FUERTH, Germany, Nov. 6, 2006 – Something happens after IT teams implement a bandwidth monitoring solution: They get inquisitive.

Most bandwidth monitoring solutions make it easy for IT teams to identify alarming or sudden peaks in their network traffic by communicating the data through graphical interfaces, said Dirk Paessler, president of Paessler AG, a network monitoring company. The challenge, however, for many IT teams is quickly solving the mystery of what’s causing the peak in traffic.

“It’s the solution’s job to basically tell the IT team, ‘It looks like you have a major problem on your network, and you should look into it,’” Paessler said. “But getting inside your network’s head, if you will, just isn’t that easy sometimes.”

Paessler added that while every network is different, he and his staff have been working with customers to identify bandwidth spikes for years and have identified the top five most common causes of spikes in traffic, according to Paessler customer feedback:

Top 5 Causes of Sudden Spikes in Network Traffic

-- 1) Scheduled backups inside the LAN: Many backup-to-disk products can be scheduled to run at a specified time, and they may even fully use a 100 MBit connection.

-- 2) Remote backup tools: Products like “IronMountain Connected Backup” or “NovaStor Web” are used to back up files from a PC onto a server somewhere on the Web. During the backup, they can easily saturate your outgoing data line.

-- 3) Virus scanner updates that are distributed inside the LAN.

-- 4) Mail server problems: We have seen situations where a remote mail server tried to deliver a 15 megabyte mail to a company’s mail server every five minutes -- again and again -- even though the target mail server denied acceptance and discarded the mail. The two SMTP implementations were just a bit incompatible and -- to solve the problem -- the target mail server had to be set to deny access from the remote server’s IP.

-- 5) Malware outbreaks and hacking attempts.

-- Note: This list excludes situations like large downloads by users on the LAN or the usage of file sharing and torrent-like products.

IT teams can use the list above as a guide or point of reference when their bandwidth monitoring solution indicates a peak in traffic. Yet, Paessler said, the best and essentially only way for IT teams to know exactly what’s causing traffic spikes is to dedicate some staff time to good old-fashioned network troubleshooting:

Steps You Can Take to Find Out What’s Causing the Spikes

-- 1) Try to find a pattern in the spikes. For example, do they appear roughly at the same intervals or at the same time of each day? Do they show up during business hours (more likely that a user is causing the peak) or later (more likely a scheduled issue)?

-- 2) When you find a pattern, try finding other monitoring points on the monitored system that match these patterns. Compare the pattern with processes on your network (e.g., a CPU load peak of one of your servers may be in sync with the bandwidth load).

-- 3) Try to analyze the traffic with a proprietary packet sniffer. For modern switched networks, this may not be so easy, but it is the best way to find out which computer system is causing the trouble.

Still, in the end, there is always a chance that the peaks displayed by a bandwidth monitor simply aren’t real, Paessler said. They may be caused by a bug-riddled device or software. Oftentimes, for SNMP-based monitoring, a false spike stems from “counter-overflows” or “counter-rollovers.” In other words, most SNMP devices use 32-bit counters to count the number of bytes transferred via a data line. Depending on the bandwidth usage, the values at some point in time will reach the 32-bit barrier.
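The counter-rollover effect described above, worked through as an added example (not code from Paessler or PRTG): it converts successive polls of a 32-bit octet counter into bit rates, corrects a single rollover, and discards any delta that would exceed the link speed, which is what a counter reset looks like. The function names, the 60-second poll interval and the sample values are assumptions constructed for illustration.

```python
COUNTER32_MOD = 2 ** 32  # a 32-bit counter runs 0..4,294,967,295, then restarts at 0


def min_wrap_seconds(link_bps):
    """Shortest time in which a 32-bit octet counter can wrap at full line rate."""
    return COUNTER32_MOD * 8 / link_bps


def octet_rates(samples, link_bps):
    """Turn (timestamp_s, counter) polls into (timestamp_s, bits_per_s, note) rows.

    note: "ok"        counter increased normally
          "wrap"      one rollover was corrected
          "discard"   corrected rate exceeds the link speed (reset, not a rollover)
          "ambiguous" polls are so far apart that several rollovers could hide
    """
    rows = []
    for (t0, c0), (t1, c1) in zip(samples, samples[1:]):
        dt = t1 - t0
        if dt <= 0:
            raise ValueError("timestamps must increase")
        if dt >= min_wrap_seconds(link_bps):
            rows.append((t1, None, "ambiguous"))
            continue
        delta, note = c1 - c0, "ok"
        if delta < 0:                      # counter went backwards: assume one wrap
            delta += COUNTER32_MOD
            note = "wrap"
        bps = delta * 8 / dt
        if bps > link_bps:                 # physically impossible, so not real traffic
            rows.append((t1, None, "discard"))
        else:
            rows.append((t1, bps, note))
    return rows


# Constructed polls, 60 s apart, steady 600,000 bytes per interval on a
# 100 Mbit/s link. The counter rolls over before t=120 and the device
# restarts (counter reset to near zero) before t=300.
SAMPLES = [
    (0, 4_294_000_000), (60, 4_294_600_000), (120, 232_704),
    (180, 832_704), (240, 1_432_704), (300, 50_000),
]

if __name__ == "__main__":
    for row in octet_rates(SAMPLES, 100_000_000):
        print(row)
```

Without the link-speed check, the reset at t=300 would be graphed as roughly 572 Mbit/s on a 100 Mbit/s line, a spike that never crossed the wire.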

About Paessler’s PRTG Traffic Grapher

PRTG Traffic Grapher is easy-to-use Windows software for monitoring and classifying bandwidth usage. It provides system administrators with live readings and long-term usage trends for their network devices. The most common usage is bandwidth usage monitoring, but you can also monitor many other aspects of your network like memory and CPU utilization.

About Paessler AG

Founded in 1997 and headquartered in Nuremberg, Germany, Paessler AG specializes in developing software that combines performance and ease of use in the areas of network monitoring, load testing and analysis.

PRTG Network Monitor monitors the availability of systems, services and applications as well as bandwidth usage in networks. PRTG is a Cisco-compatible program and is certified for NetFlow data analysis. Webserver Stress Tool is an application for load testing web servers and web infrastructures.

The company has customers in every sector: businesses of all sizes, from very small businesses to SMEs and even large international groups. Paessler products are used worldwide by system administrators, website operators, Internet service providers and other IT specialists. Every day, more than 150,000 Paessler AG installations are in use around the world. Free demo versions and further information are available online at www.fr.paessler.com.

More information

Paessler AG
Burgschmietstraße 10
D - 90419 Nuremberg

Editorial contact

Paessler AG
Christian Twardawa
Tel.: +49 (911) 7 39 90 30
Fax: +49 (911) 7 39 90 31
E-mail: press@paessler.com
www.fr.paessler.com

PR agency

Sprengel & Partner GmbH
Nisterstraße 3
D – 56472 Nisterau

Contact

Olaf Heckmann
Tel.: +49 (26 61) 91 26 0-0
Fax: +49 (26 61) 91 26 029
E-mail: olaf.heckmann@sup-pr.de
www.sup-pr.de