Nuts and Bolts Network Testers Lead image: © Photographer, 123RF.com

Tools for troubleshooting the network

LAN Under Investigation

Network errors frequently affect many clients and are correspondingly urgent. With the right tools, such as specialized network testers, troubleshooting is much easier. By Jens-Christoph Brendel

Time spent on complex troubleshooting is usually sorely needed elsewhere. Therefore, tools that allow more efficient troubleshooting are always welcome. Network testers promise this efficiency on the LAN, but do they live up to their promises? I looked at two contenders in this field: LanXPLORER [1] and OneTouch AT [2].

LanXPLORER

The basic tests provided by this handy little device by IDEAL Industries (Figure 1) include wire testing. In the setup, you can select different wiring schemas from CAT5e through UTP, CAT 7, STP, and Coax RJ59. One end of the cable is connected with the LanXPLORER and the other to a specific mating component. With this device, you can determine the length of the cable, whether it is broken or improperly connected, and whether there is a short-circuit or cross-talk (Figure 2).

Figure 2: The cable is miswired. LanXPLORER has determined the length and checked the wiring.

It makes sense to run this check before any others. A built-in tone generator in conjunction with an inductive receiver also lets you discover the remote end of a cable if the assignment is otherwise unclear.

Active Tests

Next, LanXPLORER is ready for a number of active network tests. If you use Power over Ethernet (PoE), you can verify this function. The tester can ping a remote node (10 targets can be preset) to log the packet loss and delay and perform a traceroute, reporting run times to each hop. Additionally, you can gather information for all the hosts, servers, and printers on a subnet.

The result of this type of portscan, which also identifies the most important services, can be saved as a netmap (Figure 3). In subsequent test runs, you can compare the results with a previously saved map; devices added or removed are listed in each category.

Figure 3: Netmap overview. Saved views can be compared with the latest findings.

Some of these tests (e.g., wiring tests, PoE load tests, pings, traceroutes, and the netmap comparison) or a selection of tests, can be grouped as an autotest and launched at the press of a button. However, the choice of automatic tests is not entirely arbitrary.

On request, LanXPLORER will generate simple statistics, such as top 10 lists for the network protocols used, the most common errors, or the most active transmitter. It also shows you the parameters for the currently active links (e.g., speed, auto-negotiation, and duplex type).

Although variants of the device can listen in to normal twisted-pair cables, the Plus and Pro models also offer this functionality for the WiFi network or, with the appropriate interface, for optical fibers. However, only the Pro model, which was tested here, can be looped into a communication path, thanks to a second network interface. In this inline mode, it also offers simple VoIP statistics and PC diagnostics. These tests in turn comprise protocol statistics and a packages counter and can identify the parameters transmitted to the endpoint by DHCP.

Limitations

The options offered by the functional tests and the device's ability to analyze performance problems are fairly limited. LanXPLORER cannot inspect or log packets, and apart from rudimentary output of DHCP parameters, you cannot check services as a general rule. Additional measuring devices are needed to detect the transmission speed. Filters are limited to specific fixed selections.

If you need to troubleshoot network problems in depth, a laptop and an extra cable tester will be more helpful. This mix of equipment, however, is more unwieldy, heavier, more complex, and less robust than a specialized network tester.

In contrast, LanXPLORER combines all of the basic tests in a single device that weighs little more than a pound and fits in a jacket pocket. The controls are very simple and intuitive thanks to the touchscreen display. Thus, the most common problems, particularly hardware failures, can thus be detected reliably.

OneTouch, the Heavyweight

The second test candidate, a OneTouch AT device from Fluke Networks, is revealed as a heavyweight when unpacked, in both the literal and figurative sense of the word. With its significantly larger color touchscreen (14.5cm diagonal, 480x640 pixels) (Figure 4), a quiet fan, and more than two pounds more electronics on board, it seriously outguns its competitor's test arsenal in both quality and quantity. However, this is also true of the price: Whereas the LanXPLORER costs around US$ 5,000 fully equipped, you can expect to pay at least US$ 10,000 for a OneTouch AT.

Figure 4: The OneTouch AT network tester by Fluke Networks. The device has a large touchscreen and needs a fan.

The OneTouch completes the basic tests just as easily as the LanXPLORER. A test button starts a number of preconfigured tests. Here, too, they start with the connection to the next switch on the LAN, and services offered there, before climbing up the ladder to Internet services. All of the tests are summarized in a score (green or red top bar). If a DHCP server is in place that only issues IP addresses to devices with a known MAC address, you need to introduce it to the network tester before you proceed to test more than just the network wiring. Alternatively, you can edit the tester's MAC address.

The first and most basic test is a test for correct wiring, open circuits, and cross-talk, as well as PoE, if used. A special end piece gives you a fairly accurate length measurement. You can find the far end of the cable using a tone generator, as with the LanXPLORER; however, the receiver (probe) is not included in the package and must be purchased as an accessory. If you have an active remote node, the negotiated link rate and the duplex mode also are displayed.

When it comes to the nearest switch, the tester detects the IP address, MAC address, and port number of the connection, provided the switch understands SNMP and the required password (community string) has been configured on the tester. You can, in principle, retrieve port statistics here, or from a neighboring gateway, but again, this requires SNMP, and a matching configuration.

Deeper Insights

In contrast to the LanEXPLORER, the candidate by Fluke Networks not only answers Yes or No to your questions relating to DNS or DHCP functionality but also provides performance data and details, such as the response time or the expiry date of the DHCP information. In the ping test, the time for the DNS lookup is shown separately, and you are given minimum, maximum, and average values for the speed of ICMP responses.

In addition to performing the simple ping test, you can access a freely configurable website, or transfer 1MB of test data to or from any FTP server. Also a Google query and mail retrieval are available as freely configurable tests. You can also check the SYN/ACK handshake with any application port. A special Veri-Fi test additionally determines the throughput, data loss, latency, and jitter of wired and wireless connections.

WLAN Included

Various details can be retrieved for WLAN connections (Figure 5), including channel utilization, signal strength, and noise of access points, or for connected clients. Using a plugged-in directional antenna provided in the package, you can even locate WLAN clients or access points.

Figure 5: An overview of a WiFi access point with details of signal strength, SSID, encryption, etc.

As with the LanXPLORER, you can add more components to the auto-test (Figure 6); however, admins enjoy more degrees of freedom here. In addition to the tests already mentioned, there are tests for various protocols, including RTSP (video), IGMP (Multicast), or SMTP (email). In a style similar to the other candidate device, a LAN view summarizes hosts, servers, printers, or VoIP remote nodes. Unfortunately, this view is not interactive, so you cannot retrieve detailed information about the devices.

Figure 6: The results of the automatic test that checked both a wired connection and a wireless LAN. The Veri-Fi test was added.

Many users probably have complained about this feature, because the vendor is now planning to upgrade it. Additionally, the overview lists "0 switches," but – strangely – the home screen lists the nearest switch and provides a detailed description. This and the failure to detect printers are all due to an incomplete SMTP configuration. However, the LanXPLORER recognized a print server without SMTP.

Fluke's OneTouch AT also has an inline mode, with which it can be looped into an existing connection. In contrast to the LanXPLORER, it can also sniff packets. However, to evaluate, you must transfer the results a storage medium and analyze with the relevant software on a PC.

Conclusions

A high price gives rise to high expectations. In the case of the OneTouch AT not everyone will consider these expectations met. Although the device combines ease of use with a wide variety of useful tests, is flexibly configurable, and is still fairly portable and compact, it doesn't offer the kind of added value that a less expensive device, or even a solution with your laptop and free network-testing software (e.g., Wireshark, Nmap, Kismet), offers. Thus, it will be restricted to situations in which costs play a subordinate role or admins need to troubleshoot the network so often and intensively that a minor gain in convenience is worth a high price.