In-Depth

Palm Reading

It’s a moment every administrator dreads: Your network is crying for help, and you don’t know why. Wouldn’t it be great if, right in your hand, you had a tool that could diagnose the problem? We test four handheld analyzers to see just how they can make your job easier.

• By James Carrion
• July 01, 2003

When the network is down, screaming users and an irate boss turn some network administrators into troubleshooting machines. Others simply rely on the fates, with ad-hoc troubleshooting techniques or default diagnostic utilities. Worse yet, some put their faith in plain, dumb luck (i.e., reboot everything). Sure, the network eventually comes back up, but the extended downtime has your users and boss still fuming and, perhaps, even plotting your demise. What you really need are good troubleshooting tools that can quickly pinpoint the problem—and make everyone’s future a bit brighter.

Handheld network analyzers started out as basic, physical-layer, network-diagnostic tools and have evolved continuously. They now perform multifunction diagnostics at all layers of the OSI model, helping administrators troubleshoot myriad network problems. Ten years ago, I watched a co-worker use a multimeter to detect shorts in cables and connectors while lugging around a heavy oscilloscope to perform basic diagnostics. Today’s network analyzers—which are small, self-contained devices—can perform the same tests and provide results in a user-friendly graphical format.

The four handheld network tools in this article—two of them high-end, full-featured network analyzers, and the other two, basic network testers—can help identify many network problems.

Product Information FrameScope 350 Handheld Network Performance Analyzer (N2610A) $6,366 Agilent Technologies www.agilent.com NetTool Inline Network Tester $1,495 Fluke Netowrks www.flukenetworks.com OptiView Pro Gigabit Integrated Network Analyzer $23,595 Fluke Networks www.flukenetworks.com Pinger Network IP Tester $349 Psiber Data Systems Inc. www.psiber.com

High-Level Analysis

Fluke Networks’ OptiView Pro Gigabit Integrated Network Analyzer

To call this tool a handheld network analyzer is stretching things a bit, as it feels like you’re cradling a football. OptiView is a handheld tablet computer that comes with a PC card slot, USB and serial ports, and a touch-screen color display. OptiView is designed for LAN/WAN/wireless troubleshooting, and the standard model is configured with 10BaseT and 100-BaseTX interfaces. You can upgrade to one of the Pro models—which adds RMON2 and 100BaseFX fiber-optic interfaces, as well as packet capturing and decoding capabilities—or to the luxurious Pro Gigabit model, which offers a 1000BaseSX interface. The Pro Gigabit model tested had an optional 802.11b wireless diagnostic PC card.

OptiView troubleshoots problems at all seven layers of the OSI model, so it understands the basics of lower-level protocols (like Ethernet and IP) and is equally fluent in higher-level protocols, such as NetBIOS and Server Message Blocks (SMB). OptiView comes with two basic diagnostic programs: OptiView Analyzer, which diagnoses network problems on LAN ports, and OptiView Wireless Analyzer, which troubleshoots 802.11b wireless networks.

OptiView LAN analyzer gathers a large amount of diagnostic information—including LAN utilization, top protocols used, top talkers, top conversations and so on—to give you a bird’s-eye view of what’s happening on the network. The built-in discovery tool finds all network access devices, SNMP agents, hubs, switches and routers, IP and IPX networks, and NetBIOS hosts and domains, and reports any problems encountered. It has built-in ping, trace route and route-table viewer tools and comes with a separate Management Information Base (MIB) browser.

The built-in cable tester checks fiber and copper cables and graphically maps out wire pairs through a built-in or remote wiremapper. Another neat feature is the traffic generator, which places real traffic loads on the network. A built-in sniffer can capture and decode network traffic.

Figure 1. Fluke's OptiView troubleshoots problems at all seven layers of the OSI model.

I put OptiView to work by troubleshooting my own test wireless network. It immediately detected my SMC Networks access point, secured an IP address and warned me that Wired Equivalent Privacy (WEP) wasn’t enabled, so packets were being transmitted in the clear. I was able to capture all the wireless traffic between my laptop and the access point and decode the packets. In truth, I’m not too worried about the lack of security because I live out in the boondocks; unless the deer are war driving, I’m pretty safe.

Overall, the Optiview Analyzer is a great, albeit pricey, product capable of troubleshooting almost any network problem that a large enterprise network could experience. There were a couple of negatives: The color screen was hard to view, and the operating system was out of date years ago. I would hope that Fluke upgrades to Windows XP or Windows 2000, as Windows 98 is antiquated for such a device.

Agilent’s FrameScope 350

FrameScope 350 is a cable and network troubleshooting and certification tool that provides much of the same functionality as OptiView, with the exception of wireless/WAN diagnostics and packet capture/decode. Although it’s not a PC like OptiView, it does have a user-friendly graphical interface and the color touch-screen display (under the same lighting conditions) was easier to see than OptiView’s.

FrameScope is a Level-3, twisted-pair certification tool that tests up to Category 6 cable for cable length, attenuation, wiremap, near-end crosstalk (NEXT), return loss and so on, and then saves a certification report for each test. FrameScope also tests and certifies single-mode or multimode fiber. There are really two devices needed to certify your cable infrastructure: FrameScope 350 and another device, DualRemote, which connects to the other end of the cable run.

Figure 2. One great FrameScope feature is the ability to control the tool remotely using your Web browser, allowing interactive access from either end.

I put FrameScope to work certifying my own home network. When my home was under construction, I had the contractor run Speed Wrap cable (copper and fiber cables bundled in one jacket) to most rooms in the house and to a central patch panel. I terminated the copper myself but left the fiber unterminated for future use. Certifying the cable to Category 5e standards was easy with FrameScope. I simply plugged DualRemote into a room jack, plugged FrameScope into the corresponding port on the patch panel, and ran the AutoTest for the Category 5e profile. These profiles can be edited or you can create your own, specifying the standards to which you want to test, as well as the exact cable and connecting hardware in use. FrameScope provides immediate feedback on whether the test passed or failed, along with detailed test data and graphs. You can save the results to internal memory or card-flash memory for later upload. All of my home cable drops tested fine and passed certification testing except one that had a wire pair switched.

FrameScope allows customization of cable test labels, which can be printed directly to a Brady TLS2200 label printer. You can also plug handsets into FrameScope and DualRemote so that two operators can communicate and coordinate activities remotely. FrameScope comes with a software package called ScopeData Pro, to which you can upload the cable test results, either through a serial or USB connection. You can view and manipulate individual records and print out comprehensive reports to document your cable infrastructure certification.

FrameScope is much more than just a cable-certification tool. It provides autodiscovery of network devices; network-utilization statistics; and network diagnostic tools, like ping, trace route and SNMP queries. The handy “blink port” option allows you to determine the hub or switch port to which a drop is connected. FrameScope can also generate real network traffic for simulating packet loads on the network.

Small but Mighty

Fluke Networks’ NetTool Inline Network Tester

NetTool is about the size of a handheld video game and can be used to test basic network connectivity or discover devices and protocols on the network and report network problems just like its big brother, Fluke OptiView. It has two RJ45 jacks into which you can plug both ends of a patch or crossover cable to test cable length and wiremap. You can also plug it inline between a hub and a computer connection; NetTool will report LAN speed, discovered protocols, discovered devices (routers, NetWare or NetBIOS servers, printers, and so on) and network utilization. There’s also a built-in ping tool.

NetTool comes with a software package called NetTool Blaster, downloads firmware updates to NetTool’s serial port and uploads screen captures in .BMP format. You can also customize NetTool’s splash screen with your own name and graphic.

Figure 3. Fluke's NetTool can be used to test basic network connectivity or to discover devices and protocols on the network.

Putting it to work on my own test network, the NetTool quickly detected my test servers and verified name resolution was working. Using the Optiview Analyzer to inject a traffic load on the network, the NetTool correctly reported the network utilization rate.

As a basic layer 1 to 3 troubleshooting device, NetTool does an adequate job, and field techs will benefit from its portable size. It really shines in its ability to detect problems at higher layers—something most in-the-trenches technicians would have problems diagnosing without a laptop computer.

Psiber’s Pinger Network IP Tester

Pinger is a basic network-trouble-shooting tool that verifies physical and network-layer connectivity between two network devices. These devices both can be Pingers, or one can be a Pinger and the other a network host. You can also test DHCP address assignment, as the Pinger functions as a DHCP client.

Configuring Pinger is simple: Plug in an IP address, subnet mask and default gateway; connect to an Ethernet network; and ping a local or remote device. Pinger sends Internet Control Message Protocol (ICMP) echo-request packets to a specified IP address and reports back round-trip communication time, as well as the MAC address.

Figure 4. Psiber's Pinger provides an easy method of verifying physical and network-layer connectivity.

Pinger only works on a 10BaseT port, so if you connect it to a 100Base hub or switch, you’ll need to set the port to autonegotiate down to 10BaseT. The Pinger can detect duplicate IP addresses on the network if you happen to be pinging that address, and there’s a Port ID option that allows you to find out into which hub or switch port a cable is plugged.

If a computer can’t access the network, you can quickly eliminate the source of the problem by verifying Layer 1 and 2 connectivity. This could be done by plugging in a laptop to the same network jack and using the standard Ping command, or you could use the cheaper, more portable Pinger instead.

The Future Is in Your Hands
Troubleshooting a network requires skill and patience, but you can fix any problem quickly with the right tools. On the high end, the Fluke OptiView offers all the diagnostic tools you need to find out what’s ailing your LAN/WAN or wireless network, while the Fluke FrameScope does an excellent job in certifying your cable infrastructure and troubleshooting the LAN. The Fluke NetTool and the Psiber Pinger don’t offer the bells and whistles of the higher-end tools, but they do offer enough features for you to narrow down most physical and network layer problems. Most important, these tools will keep your network humming, your users happy, and make your job easier.