Previous Table of Contents Next


Chapter 5
Network Baselining as a Planning Tool

Gilbert Held

“Baselining” allows network administrators to determine the utilization of network equipment and transmission facilities. Although baselining has its origins in telephone company switch-capacity planning, it is also very applicable for communications network planning. Applying the baseline examination concept to a network provides communications managers with information that can be extremely valuable in their network optimization efforts.

INTRODUCTION

Baselining provides a mechanism for determining the level of utilization of a network, including its computational and transmission facilities. As such, it plays a central role in a network manager’s capacity planning effort because the baseline shows whether or not there is currently sufficient capacity available, as well as providing a foundation for future network measurements that can be compared to the baseline to indicate the direction of network utilization. Thus, the network baselining effort represents the first major step in the capacity planning effort.

In addition, baselining enables network managers and administrators to identify and respond to network capacity requirements before they become an issue, in effect providing a mechanism to head off network-related problems.

BASELINING TOOLS AND TECHNIQUES

There are a variety of network baseline tools and techniques that can be used to facilitate an organization’s capacity planning effort. The actual techniques employed are commonly based on the type of tool used. This chapter focuses on a number of commercially available network baselining tools and discusses appropriate techniques concerning their use.

SimpleView

SimpleView is an easy to use and relatively inexpensive Simple Network Management Protocol (SNMP) management platform from Triticom, Inc. of Eden Prairie, MN. Through the use of SimpleView, users can retrieve statistical information maintained by Remote Monitoring (RMON) network probes. SimpleView supports a Management Information Base (MIB) walk capability shown in the MIB Walk window that lets a user click on a MIB group, select the group starting point, or double-click on the group to explode its elements, enabling a specific element from the group to be selected for retrieval.

NEWT

NetManage of Cupertino, CA, well known for its Chameleon suite of Internet applications, also markets a program called NEWT that can be used to monitor the use of desktop applications as well as to provide statistics on network activity associated with individual users. Exhibit 1 illustrates the use of NEWTMonitor on the author’s computer to monitor the number of simultaneous FTP sessions occurring over a period of time. Doing so can be extremely important, especially when used in conjunction with normal RMON traffic statistics that do not look beyond the data link layer. NEWTMonitor enables the use of specific types of TCP/IP applications. In comparison, if the network probes and network management system support RMONv2, or can be upgraded to this new version of RMON, it can be used to Obtain a distribution of traffic through the application layer.

Exhibit 2 illustrates the use of NEWTGraph to display different TCP/IP statistics by node. In the example shown in Exhibit 2, the author displayed Interface Errors for his node.

EtherVision

When checking the activity associated with an individual network, users can choose from a variety of network monitoring programs. One such program is EtherVision, also from Triticom, Inc. of Eden Prairie, MN.

Exhibit 3. illustrates the statistics summary display based on the monitoring of frames using their source address for constructing a statistical baseline. EtherVision supports monitoring by either Source or Destination address, enabling users to build two baselines. In examining Exhibit 3, note that the statistics summary presented indicates the frame count over the monitored period of time, current network utilization in the form of a horizontal bar graph, and a summary of “average,” “now” or current, and “peak” utilization displayed as a percentage, as well as the time peak utilization occurred. The latter can be extremely handy, as it allows a user to run the program on a workstation connected to an Ethernet LAN and return at the end of the day to determine the peak percentage of network use as well as when the peak occurred.


Exhibit 1.  The NetManage NEWMonitor Program.


Exhibit 2.  The NetManage NEWGraph Program.


EXhibit 3.  The Triticom EtherVision Statistics Display.

Although not shown in Exhibit 3, an EtherVision user can also set the program to generate a report that will log each period of activity over a certain percentage of network activity. Then, using the logged report, a network manager or LAN administrator can easily determine the distribution of network utilization throughout the monitoring period.

In the upper right corner of Exhibit 3, note that EtherVision maintains a distribution of frames transmitted on the network based on their size or length, falling into five predefined intervals. By examining the distribution of frames based on their length, users can determine the general type of traffic flowing on a network. This is possible because interactive query-response applications are generally transported in relatively short frames. In comparison, file transfers, such as Web-browser pages containing one or more images, commonly fill frames to their full length. In examining the distribution of frame sizes shown in Exhibit 3, note that there are a relatively few full-sized Ethernet frames in comparison to the total number of frames encountered during the period of monitoring. This indicates a low level of file transfer and Web browser activity occurring on the monitored network.


Exhibit 4.  EtherVision Displays Network Utilization Over a Period of Time.

Although EtherVision provides numeric information concerning network utilization, many users prefer to work with charts that note trends at a glance. To accommodate such users, EtherVision includes a number of built-in displays such as the one shown in Exhibit 4, which plots network utilization over a period of time. By examining a visual display, users can immediately note any potential capacity-related problems. In the example shown in Exhibit 4, the maximum level of network utilization is slightly above 46%. However, based on the monitored period, network traffic rose from 22 to 46% numerous times during the monitoring period. Since an Ethernet LAN gets congested at utilization levels above 50% due to its CSMA/CD access protocol, and the effect of the delay associated with the use of a random exponential backoff algorithm after a collision occurs, Exhibit 4 indicates a baseline of network utilization that justifies careful attention and a scheduled remonitoring effort to ensure traffic on the network does not turn into a bottleneck.


Previous Table of Contents Next

Copyright © CRC Press LLC