I'm the Unix (AIX & Solaris) system admin in a small college whose
strength is more in the hosts than the network, but I'm the one that
has to deal with network problems...so this is a basic question.
Further, it's more a network than firewall question. So my apologies
and abasement...if there's a better list to ask this in, please direct me.
OK: I am seeing intermittent network saturation: internal pings fail,
telnet sessions hang or get dropped, etc. I have no sniffer, no network
analyzer, no network management software. This is an Ethernet
network that was fiber linked to IBM/Cabletron/Synoptics hubs, but
now has a Cisco 5500 with RSM at its center and about 1/3 of the
network is Cisco 2900 XLs..in a year or two, it'll be all of it. It handles
about 1000 students and 500 faculty and staff. We have a T1
outbound out of a Cisco 2501 (which ties to the intranet with a 10Mb
regular Ethernet); its other serial port is a fractional T1 from a
satellite campus.
I notice that, when network saturation happens, the T1-Out is
pegged....the ISP, AppliedTheory/Nysernet, provides a nice web-
based page that graphs our T1 usage. When I do a 90 day report, I
see the first 30 days is flat at 10-15%. Then (perhaps coinciding with
the beginning of replacing old stuff with 2900XL Cisco gear) I see the
beginning of peaking, that grows over time. By this time, we are
getting 100% T1 out for periods for hours...then it will break off and
go down to 20-30% and ordinary usage resumes.
About the only approach I've been able to come up with is:
= scanning the 5500's show port for excessive errors and pulling the
fiber to the problematic port. That hasn't yielded anything.
= pulling the fibers to all switches/hubs one at a time and watching
the CPU% of the Internet router. I observed a 10% drop on one fiber
leading to a student dorm, but no great restoral of services.
As you can see, I am bashing around in the dark. Yes, I would like
some diagnostic hw/sw, but the boss has smiled at me when I've
asked and said, "We're buying the network gear", as if a real admin
could sniff the wind and tell you what idiot student is running an
MP3 website on campus (I once had the mail server freeze because a
student used /tmp as MP3 storage!).
Well, it's all come home now and it's roosting on MY head.
The floor is open. I appreciate your suggestions for:
= debugging with what I've got
= what hw/sw would work to help debugging
= books/courses
There's a fine line here between convincing the management that
network mgmnt, supervisory and debugging hw/sw is needed
and getting fired 'cuz the network don't work.
// Stewart Dean - [EMAIL PROTECTED]
//
// Machiavelli said (in essence):
// Bad mercenaries will lose your country for you,
// "good" ones will take it away from you....
// Don't use mercenaries
// Dean's corollary:
// Hiring temps or vendor employees may be all the rage...
// but they're the same as mercenaries:
// You give neither loyalty nor commitment;
// the favor, if returned, should come as no surprise
// Look to your own honor if you expect any from them.