Top 5 Causes of Sudden Spikes in Traffic That Show Up on Bandwidth Monitoring Solutions

PORTLAND, Ore. and FUERTH, Germany (PRWEB) November 6, 2006

Something happens after IT teams implement a bandwidth monitoring solution: They get inquisitive.

Most bandwidth monitoring solutions make it easy for IT teams to identify alarming or sudden peaks in their network traffic by communicating the data through graphical interfaces, said Dirk Paessler, president of Paessler AG, a network monitoring company. The challenge, however, for many IT teams is quickly solving the mystery of what’s causing the peak in traffic.

“It’s the solution’s job to basically tell the IT team, ‘It looks like you have a major problem on your network, and you should look into it,’” Paessler said. “But getting inside your network’s head, if you will, just isn’t that easy sometimes.”

Paessler added that while every network is different, he and his staff have been working with customers to identify bandwidth spikes for years and have identified the top five most common causes of spikes in traffic, according to Paessler customer feedback:

Top 5 Causes of Sudden Spikes in Network Traffic

1) Scheduled backups inside the LAN: Many backup-to-disk products can be scheduled to run at a specified time, and they may even fully use a 100 MBit connection.

2) Remote backup tools: Products like “IronMountain Connected Backup” or “NovaStor Web” are used to back up files from a PC onto a server somewhere on the Web. During the backup, they can easily saturate your outgoing data line.

3) Virus scanner updates that are distributed inside the LAN.

4) Mail server problems: We have seen situations where a remote mail server tried to deliver a 15 megabyte mail to a company’s mail server every five minutes — again and again — even though the target mail server denied acceptance and discarded the mail. The two SMTP implementations were just a bit incompatible and — to solve the problem — the target mail server had to be set to deny access from the remote server’s IP.

5) Malware outbreaks and hacking attempts.

Note: This list excludes situations like large downloads by users on the LAN or the usage of file sharing and torrent-like products.

IT teams can use the list above as a guide or point of reference when their bandwidth monitoring solution indicates a peak in traffic. Yet, Paessler said, the best and essentially only way for IT teams to know exactly what’s causing traffic spikes is to dedicate some staff time to good old-fashioned network troubleshooting:

Steps You Can Take to Find Out What’s Causing the Spikes

1) Try to find a pattern in the spikes. For example, do they appear roughly at the same intervals or at the same time of each day? Do they show up during business hours (more likely that a user is causing the peak) or later (more likely a scheduled issue)?

2) When you find a pattern, try finding other monitoring points on the monitored system that match these patterns. Compare the pattern with processes on your network (e.g., a CPU load peak of one of your servers may be in sync with the bandwidth load).

3) Try to analyze the traffic with a proprietary packet sniffer. For modern switched networks, this may not be so easy, but it is the best way to find out which computer system is causing the trouble.

Still, in the end, there is always a chance that the peaks displayed by a bandwidth monitor simply aren’t real, Paessler said. They may be caused by a bug-riddled device or software. Often, for SNMP-based monitoring, a false spike stems from “counter-overflows” or “counter-rollovers.” In other words, most SNMP devices use 32-bit counters to count the number of bytes transferred via a data line. Depending on the bandwidth usage, the values at some point in time will reach the 32-bit barrier.
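The rollover effect described above, as an added example that is not part of the original release or of Paessler's software: a poller that mishandles a wrapped 32-bit byte counter graphs a spike far above line rate, while modulo arithmetic plus a plausibility check against link speed does not. The sample values, the function names and the 100 Mbit/s link speed are assumptions made for illustration.

```python
COUNTER32_MOD = 2 ** 32   # a 32-bit byte counter wraps to 0 after 4,294,967,295
LINK_BPS = 100_000_000    # assumed link speed: 100 Mbit/s

# Constructed samples: (seconds since start, counter value), polled every 60 s.
SAMPLES = [
    (0,   4_294_000_000),
    (60,  4_294_600_000),
    (120, 232_704),       # counter passed 2**32 and wrapped
    (180, 832_704),
    (240, 1_000),         # device rebooted, counter restarted near zero
    (300, 601_000),
]


def counter_delta(prev, curr):
    """Bytes transferred between two readings, assuming at most one wrap."""
    return (curr - prev) % COUNTER32_MOD


def max_poll_interval_s(link_bps):
    """Longest polling interval that cannot hide a second wrap at line rate."""
    return COUNTER32_MOD * 8 / link_bps


def naive_rates(samples):
    """Flawed poller: takes abs() of the difference, so a wrap looks like a spike."""
    return [(t1, abs(c1 - c0) * 8 / (t1 - t0))
            for (t0, c0), (t1, c1) in zip(samples, samples[1:])]


def rates_from_samples(samples, link_bps):
    """Wrap-aware rates in bit/s; None marks a reading that exceeds line rate
    (counter reset or multiple wraps) and should be dropped, not graphed."""
    out = []
    for (t0, c0), (t1, c1) in zip(samples, samples[1:]):
        rate = counter_delta(c0, c1) * 8 / (t1 - t0)
        out.append((t1, rate if rate <= link_bps else None))
    return out


if __name__ == "__main__":
    print("max safe poll interval: %.1f s" % max_poll_interval_s(LINK_BPS))
    for (t, bad), (_, good) in zip(naive_rates(SAMPLES),
                                   rates_from_samples(SAMPLES, LINK_BPS)):
        print(t, "naive=%.0f bit/s" % bad, "wrap-aware=%s" % good)
```

A reading discarded as implausible is still worth logging, since an unexpected device reboot is itself an event to investigate. On faster links the 64-bit counters in IF-MIB (such as ifHCInOctets) avoid the short wrap period altogether.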

About Paessler’s PRTG Traffic Grapher

PRTG Traffic Grapher is easy-to-use Windows software for monitoring and classifying bandwidth usage. It provides system administrators with live readings and long-term usage trends for their network devices. The most common usage is bandwidth usage monitoring, but you can also monitor many other aspects of your network, like memory and CPU utilization. http://www.paessler.com/prtg

About Paessler AG

Founded in 1997 and headquartered in Fuerth, Germany, Paessler AG builds cost-effective software that is both powerful and easy to use. The product range specializes in network monitoring and testing as well as website analysis. Its products are used by network administrators, website operators, Internet service providers and other IT professionals worldwide. Freeware and free trial versions of all products can be downloaded from http://www.paessler.com/

Contact

Tamarie Johnson, 503-345-9257

Paessler Media Relations

###






