22. 09. 2016
NetEye, Predictive Analysis, Real User Experience, Unified Monitoring
24. 02. 2016
Luca Di Stefano
NetEye, Real User Experience
Discover Overloaded Machines with NetEye RUE
With NetEye RUE we are able to build up a reliable Application and Network Performance Monitoring, by analyzing the real traffic. However, is there also a possibility to gather information about the state of the PCs and servers?
Yes, it is! In the TCP communication, there exists a certain event, which informs us about the state of “suffering” of a PC/server or application. This event is called zero window. If the PC/server is monitored with NetEye, we are even able to depict the state of the machine during the point in time when the event occurred.
Zero Window – Technical Explanation:
Zero Window is an event in the TCP communication, which occurs when the buffer runs full.
All packets that are send to an application (expl. Firefox) are initially read by the network card of the operating system and temporarily stored in the buffer, where they remain until the application reads the packets and consequently deletes them from the buffer. Unfortunately, the deletion of the buffer does not always happens correctly or is processed too slowly. This may happen when the application is blocked or there is not enough CPU (overloaded PC). In these cases, the buffer runs full very quickly.
With a full buffer it is not possible to receive additional data, therefore the TCP protocol sends a notification to the sender to temporarily stop the transmission. Obviously, such situations result in a very bad user experience.
Zero window provides us the information if a PC (or rarer, a server) is in trouble because of an overload or a downtime of the application.
In NetEye RUE we’ve added the zero window information to the KPIs of the performance analysis (network latency, application latency, loadtime).
Conclusion
Through the information about a present zero window, we are able to explain situations where requests show long load times, but network latency and application latency are unremarkable.
If a request shows a value higher than 0 in zero window, we have a simple explanation for long load times and can assign the problem to the local PC.
Luca Di Stefano
Solution Architect at Würth Phoenix
Hi everyone, I’m Luca, graduated in electrical engineering from the University of Bologna. I am employed by Würth Phoenix since its foundation. I worked mainly as enterprise architect and quality assurance engineer. Previously I was involved in systems measurement and embedded systems programming. I have gained experience on Unix (Solaris, HPUX), Windows, and C, C + +, Java. I personally contribute to the Open Source community as beta tester and developer. During my spare time I love piloting airplanes fly over the beautiful Alps. I practice many sports: tennis, broomball, skiing, alpine skiing, volleyball, soccer, mountain biking, middle distance, none have a sample but the competition excites me! I love hiking, tracking and traveling.
Author
Latest posts by Luca Di Stefano
27. 04. 2017
Uncategorized
Chi si sta mangiando la banda? Scoprilo con ntopng
27. 04. 2017
Uncategorized
Identifizieren Sie Bandbreitenfresser mit ntopng
22. 09. 2016
NetEye, Real User Experience Monitoring
Warum erhöht sich meine Netzwerk-Latenz an Arbeitstagen?
22. 09. 2016
NetEye, Predictive Analysis, Real User Experience, Unified Monitoring
Why does my local network latency increase during working hours?