Deep packet inspection is one of the most important tasks that a network administrator needs to conduct. Any enterprise that maintains a private network will have hundreds of unique connections and data transfers every day. Each transfer will be comprised of packets that can reveal a surprising amount of detail about where they’ve come from and the network environment that the traffic travels through.
Unfortunately, there are many scenarios in which packets don’t reach their destination. If your router is overwhelmed or faulty then packets will be lost in transit. In this article we look at what packet loss is and provide you with the best tools on the market to be able to tackle this problem head-on.
Why is Packet Loss Important?
As mentioned briefly above, packet loss is where traffic is lost in transit when travelling through your network. Packet loss is a pervasive problem because you have to rely on devices throughout a chain to make sure that your packet reaches its final destination. Any technical errors with a given device can mean that the packet is lost forever.
Packet loss most commonly occurs when a router or device is inundated with data and refuses to accept additional packets. However, it can also occur due to a router being defective or being connected to too many links.
Routers become overloaded when the volume and rate of traffic received becomes greater than the processing speed of the router and fills up the buffering system. Once a router reaches this point, any packets that arrive at the router will not be processed. Routers connected to the problem router send querying packets every minute to check for a response. If no response is received, then the connected router changes plans and sends the packets to another location. Because the original route would have been chosen as the most efficient, this action leads to high latency on one segment or on the entire network, depending on the location of the overloaded switch. Variable demand on a switch will result in lag spikes, which only occur at moments of traffic surges. These problems can’t be spotted by ad-hoc investigations, but need constant monitoring.
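The overload behaviour described above can be reproduced with a small model. This is an added example, not part of the original article: it simulates a router with a fixed buffer that drops packets once the buffer is full, then compares continuous monitoring with occasional spot checks. The traffic figures, service rate and buffer size are constructed for illustration.

```python
def simulate_router(arrivals, service_rate, buffer_size):
    """Tail-drop model: per tick, accept arrivals until the buffer is full,
    then forward up to service_rate packets.
    Returns a list of (dropped, still_queued) per tick."""
    queued = 0
    history = []
    for arriving in arrivals:
        accepted = min(arriving, buffer_size - queued)
        dropped = arriving - accepted          # buffer full: packets are lost
        queued += accepted
        queued -= min(queued, service_rate)    # router forwards what it can
        history.append((dropped, queued))
    return history


def loss_rate(arrivals, history):
    """Fraction of all offered packets that were dropped."""
    total = sum(arrivals)
    return sum(d for d, _ in history) / total if total else 0.0


def ticks_with_loss(history):
    """Continuous monitoring: every tick is observed."""
    return [t for t, (dropped, _) in enumerate(history) if dropped > 0]


def spot_check(history, every):
    """Ad-hoc investigation: drops are only looked at every `every` ticks."""
    return [t for t in range(0, len(history), every) if history[t][0] > 0]


# Constructed traffic: steady 80 packets/tick with one 5-tick surge of 200.
ARRIVALS = [80] * 20 + [200] * 5 + [80] * 35
HISTORY = simulate_router(ARRIVALS, service_rate=100, buffer_size=150)

if __name__ == "__main__":
    avg = sum(ARRIVALS) / len(ARRIVALS)
    print(f"average load {avg:.0f} pkt/tick against capacity 100 pkt/tick")
    print(f"overall loss {loss_rate(ARRIVALS, HISTORY):.1%}")
    print("ticks with loss (continuous):", ticks_with_loss(HISTORY))
    print("ticks with loss (check every 15):", spot_check(HISTORY, 15))
    print("peak queue depth:", max(q for _, q in HISTORY))
```

The average load stays below the router's capacity, yet the surge alone causes the loss, and the spot checks never land on it.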
When dealing with network hardware it is inevitable that a device is going to become compromised at some point or another. Whether your router has been beaten down over years of use or is experiencing an internal fault, it will not be able to pass any packets down the chain. While other routers will notice that the problem router is not responding promptly, there will still be a significant number of packets lost before this is recognised across the network.
Too Many Links
Within the header of a packet, there is a little something called “Time to Live” (TTL). TTL provides the user with a maximum number of routers that the packet should pass through for safe transmission. Once that maximum number has been exceeded, packets will be dropped. TTL can be particularly problematic in scenarios where traffic is rerouted, and packets end up passing through a large number of routers. Intermittent traffic peaks exacerbate pressure on key nodes, resulting in occasional packet loss and lag spikes caused by selective rerouting.
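The TTL mechanism can be shown on a real IPv4 header layout. This is an added example, not part of the original article: it builds a 20-byte header, applies the per-router step (decrement TTL, drop at zero, refresh the header checksum), and compares a short path with a long rerouted one. The addresses, the starting TTL of 8 and the function names are constructed for illustration.

```python
import struct


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum over 16-bit words (RFC 791).
    Over a header with a valid checksum in place, the result is 0."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(ttl, src=b"\x0a\x00\x00\x01", dst=b"\x0a\x00\x09\x01"):
    """Minimal 20-byte IPv4 header (no options); TTL is the byte at offset 8."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 6, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def forward(header: bytes):
    """Per-router step: decrement TTL; drop if it reaches zero."""
    ttl = header[8]
    if ttl <= 1:
        return None  # dropped here (a real router also sends ICMP Time Exceeded)
    hdr = header[:8] + bytes([ttl - 1]) + header[9:10] + b"\x00\x00" + header[12:]
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def traverse(header: bytes, hops: int):
    """Send a packet through `hops` routers.
    Returns (delivered, routers_that_forwarded_it)."""
    for passed in range(hops):
        header = forward(header)
        if header is None:
            return False, passed
    return True, hops


if __name__ == "__main__":
    packet = build_header(ttl=8)                       # constructed starting TTL
    print("normal 5-router path:", traverse(packet, 5))     # delivered
    print("rerouted 12-router path:", traverse(packet, 12)) # dropped en route
```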
Monitoring your network and your infrastructure health allows you to ensure that your network equipment stays in good condition without experiencing poor performance. Unlike the type of packet loss that occurs across the internet, you have direct control over your network environment, and the equipment that is used to conduct a transfer.
Tools for Helping Packet Loss Detection
The most important thing to understand about safeguarding your network against packet loss is that prevention is better than a cure. As such, network monitoring should be your go-to strategy to verify the integrity of your service. By scanning your devices regularly, you can ensure that your routers are in working order so that you don’t lose any valuable packets during your next transfer.
1. SolarWinds Network Performance Monitor
When it comes to deep packet inspection, SolarWinds Network Performance Monitor is one of the best software products available on the market. Network Performance Monitor uses SNMP polling to check on the status of key services. The program pings a device and waits for a response to assess whether the service is still up and how responsive it is. This also gives you SNMP messages which provide you with warnings when routers are close to being overwhelmed.
One of the biggest draws of this platform is that it is very easy to use. When starting out, you can use an autodiscovery function to identify devices throughout your network. This is advantageous because you don’t have to go through the process of adding devices to monitor manually. Autodiscovery also works on new devices, so if you add a new piece of equipment to your network, Network Performance Monitor will recognise it automatically.
Once your devices have been mapped out and added to the system, you only need to hover your mouse over a device to raise key information on packet loss and latency. This is added by the SNMP controller, which allows you to tweak a device’s settings remotely. The SNMP controller helps you to address packet loss promptly from a centralized location.
Overall this is a solid network monitoring tool that has been designed to help administrators prevent packet loss from occurring. The simplicity of the user interface and the clarity with which you can oversee your network make this our top pick. SolarWinds Network Performance Monitor can be purchased for a price of $2,978 (£2,245). There is also a 30-day free trial that can be downloaded.
2. ManageEngine OpManager
Next up on our list we have ManageEngine OpManager. ManageEngine has been one of network monitoring’s most well-known solution providers. It has a user interface that embodies all the clarity and visualization you would expect from a top of the line product. With the ability to customize your dashboard with dials and charts, you can build your monitoring environment from scratch.
OpManager uses SNMP to verify the status of your network devices. Any devices that are experiencing difficulty will be highlighted by an amber light alongside the “Trouble” status. In the event that a device or router fails completely, it will be denoted by a red cross. Conversely, devices that are up and running will be shown alongside a green light.
ManageEngine OpManager also has a solid alerts system in place. You can receive alerts straight from a device to the dashboard to be notified about unstable conditions. These alerts can also be configured to be sent to an email address or by SMS.
As a network monitoring solution, OpManager offers an excellent user experience and top-down monitoring in a way that makes sure you don’t miss anything. There are two versions of OpManager: Essential and Enterprise. Essential costs $715 (£538) for 25 devices whereas the Enterprise version costs $19,975 (£15,055) for 500 devices. There is also a 30-day free trial that can be downloaded.
3. Paessler PRTG
Paessler PRTG has been one of the most prominent network monitoring solutions for quite some time. PRTG uses packet sniffing, SNMP, NetFlow, and WMI to monitor your environment. PRTG allows the user to run network autodiscovery via an IP range. This eliminates the burden of having to configure devices manually.
PRTG has a number of features included, designed to address packet loss directly. For instance, you can screen for peaks in traffic, hardware bottlenecks, device health, and software errors through the program’s network monitoring and event log sensors. This provides you with a healthy spread of tools with which to comb through your network.
This program’s user interface is also very lean for monitoring. PRTG allows you to view your network environment in a number of views, including Top Talker, Top Connections and Top Protocols lists. You can also customize your perspective with a variety of graphs and charts.
It is worth noting that Paessler PRTG is very scalable, and there are a range of price points depending on the number of servers you want. PRTG 500 offers 500 servers for $1,680 (£1,266), PRTG 1000 offers 1,000 servers for $3,010 (£2,268), up to PRTG XL1/Unlimited which offers unlimited servers for $16,101 (£12,135). A free trial can also be downloaded.
4. Nagios XI
Our next pick is Nagios XI. Nagios XI is an open source network monitoring program that lets you get to the core of your infrastructure health. The dashboard provides you with color-coded status notes for a variety of hosts and services. This grants you a baseline perspective to work from, with a clear snapshot of your service’s integrity.
Nagios XI takes a very user-friendly approach. For example, configuration wizards walk users through functions like Auto-Discovery, DHCP monitoring, DNS queries and Network Device monitoring. Configuration wizards help you to get the most out of the program’s features without having to search through the user documentation.
If you require SNMP monitoring along the lines of SolarWinds Network Performance Monitor or WhatsUp Gold, there is also a plug-in for this available in the library. Installing the plug-in makes Nagios XI particularly suited for packet loss prevention. Likewise, the configuration management module recalls the setup information of each device on your network. In the event that a setting impacts device performance then you can use the configuration management module to revert to an earlier setting.
All in all, Nagios XI is a formidable open source network monitoring tool. The user interface doesn’t have the same aesthetic quality as a program like ManageEngine OpManager but it still offers enough depth to conduct a sophisticated analysis. Nagios XI can be installed for a price of $1,995 (£1,516) and upwards. The only issue is that you can only install Nagios XI on CentOS and RHEL Linux. There is also a 60-day free trial available.
5. Zabbix
Zabbix is an open source network monitoring solution that has garnered a lot of attention over the past few years. With over 300,000 installations, this is one of the most widely-used network monitoring tools on the market. With this program users can monitor everything from device status to network bandwidth usage, packet loss rate, and memory utilization. Zabbix also includes monitoring templates for devices from vendors such as Cisco, Dell, Netgear, Intel, and Huawei.
One of the most useful features that Zabbix possesses is that of autodiscovery. This makes it easy to find new devices without having to add devices manually. It also has the ability to detect future configuration changes as they occur. This means that when firmware is upgraded, Zabbix can keep up automatically. Zabbix’s autodiscovery feature is worth its weight in gold because it keeps you up-to-date without having to waste time. Though SolarWinds Network Performance Monitor’s autodiscovery has the edge, Zabbix is still sitting near the top of the market.
In order to collect network information, Zabbix uses a combination of SNMP, IPMI and IPv6. Once a problem has been detected you will receive a notification via email, SMS, or Messenger. In the event that you want to keep your data extra secure, Zabbix offers internal database, HTTP basic and LDAP authentication. This keeps your data secure and out of the sight of unauthorized users.
Zabbix comes highly recommended as a product with premium features without an exorbitant price tag. Zabbix combines a top-of-the-range design with the fact that it’s free. We recommend Zabbix as a solution for network administrators trying to manage complex networks emphasizing scalability. Zabbix can be downloaded for CentOS, Debian, Oracle Linux, Red Hat Enterprise Linux, and Ubuntu.
6. Colasoft Capsa
Finally, we have Colasoft Capsa. Colasoft Capsa is a network analyzer that can be used for network monitoring to maintain the quality of your service. While the user interface looks a bit outdated, it is clear enough for you to be able to see under the hood of your network infrastructure health. In other words, Capsa is a great tool for making sure that you avoid unnecessary packet loss.
Colasoft Capsa boasts an impressive 1040 protocols which can be analysed when needed. It also has the ability to monitor all network conversations, HTTP, email, DNS, FTP, MSN, and Yahoo! Messenger’s connections. This provides you with more than enough capability to ascertain the integrity of your network infrastructure.
Capsa also has a range of visual elements to help you see your network activity clearly. For example, you can create graphs based on “Bytes Per Second” and bar charts detailing “Packet Size Distribution by Bytes”. This allows you to monitor your network without having to rely on raw figures alone.
Overall this is a product we recommend if you’re looking for an entry-level network monitoring tool. There are three versions available: Free, Enterprise and Standard. The Free version allows you to monitor up to 10 IP addresses for up to 4 hours. If you want a little more substance, then the Standard version allows you to monitor 50 IP addresses for an unlimited amount of time for $295 (£222). If you need more bandwidth then the Enterprise version allows you to monitor an unlimited number of IP addresses for $995 (£749). You can also download a free trial.
7. WhatsUp Gold
WhatsUp Gold is a compelling network monitoring suite. Like Network Performance Monitor, WhatsUp Gold uses SNMP to help you to monitor and troubleshoot your network devices to prevent any issues that can give rise to packet loss. This product is great in many ways, but what really steals the show is its simple user interface. Everything from the controls right down to the dashboard has embraced simplicity.
For example, you can schedule what devices you want to discover through the use of IP addresses, IP address ranges and subnets. While this isn’t as straightforward as SolarWinds’ autodiscovery, it gets the job done well all the same. WhatsUp Gold constantly polls devices for an up, down, yes, or no response. This allows the user to cut to the chase and see if a device is up and running or not.
The status of devices can be seen from the main dashboard, where devices are given green or red lights based on their availability. You can also have this information displayed as bar graphs and pie charts if you so choose. Larger teams benefit from the fact that dashboards can be customized for individual users.
In the event that a device goes down, you can receive alerts via email, SMS or Slack. The alerts feature means that you don’t have to be monitoring your network environment 24/7. The alerts system will catch anything that escapes your attention and provide you with a notification that it needs to be addressed.
WhatsUp Gold is an impressive network monitoring solution suitable for SMEs and larger organizations. The minimalist design helps you to make sure that your chance of experiencing packet loss stays low. WhatsUp Gold can be purchased starting at a price of $2,656 (£2,001) for 25 devices. There is also a free trial that can be downloaded.
Network Monitoring to Prevent Packet Loss
Proactive network monitoring is one of your best defenses against packet loss and poor performance. However, don’t make the mistake of thinking that you will be able to eliminate packet loss completely. Even a state-of-the-art network monitoring suite will not be able to prevent packet loss from happening because even the best hardware is bound to go down at some point or another.
That being said, if you are serious about minimizing the occurrence of packet loss then network monitoring is the way to go. It makes more sense to troubleshoot for packet loss conditions before data loss occurs than to spend a fortune buying more infrastructure and bandwidth to keep up.
The task of reducing packet loss requires both testing and troubleshooting strategies. In troubleshooting, you need to watch the performance of your network devices under normal business conditions. The testing option requires an examination of stored traffic data to enable you to run through new scenarios before you add services to the network. So, you need to find a monitoring package that enables you to examine live data and also supports analysis.
We recommend SolarWinds Network Performance Monitor as the best program on this list. The combination of simple autodiscovery and clear visualization makes this platform ideal for troubleshooting for packet loss conditions. Although it carries a high price tag when compared to a free tool like Nagios XI, it is more than worth the investment. If you would rather have an alternative product, WhatsUp Gold is also a good choice.
However, before making a purchase we recommend trying out a couple of free trials to see which platform is right for your organization. All of the tools on this list can function well within an enterprise environment.