【資料名稱】：Sniffer標(biāo)準(zhǔn)培訓(xùn)教程

【資料作者】：Sniffer

【資料日期】：NA

【資料語言】：中文

【資料格式】：PPT

【資料目錄和簡介】：

Student Reference CD
Contents of CD:
Sniffer Portable trace files
Subdirectory for each Sniffer University course containing all of the trace files referenced in that course
Reference documents
IETF Request for Comments (RFCs)
Appendix material
ATM Forum specifications and glossary
Miscellaneous reference materials
Sniffer analyzer product documentation
Sniffer Portable 4.7
Sniffer Distributed 4.1
Sniffer Watch
Sniffer Reporter
No Copying...
Curriculum Map
Troubleshooting with the Sniffer Portable Network Analyzer
Ethernet Network Analysis & Troubleshooting (10, 100, 1000 Mbps)
WAN Network Analysis and Troubleshooting
Sniffer Portable Switch Expert Analysis & Troubleshooting
ATM Network Analysis and Troubleshooting
Wireless LAN Analysis and Troubleshooting
TCP/IP Network Analysis and Troubleshooting
Microsoft Windows NT Network Analysis & Troubleshooting
Microsoft Windows 2000 Network Analysis & Troubleshooting
Sniffer Distributed Enterprise Management
Sniffer Watch Reports and Management
Sniffer Certified Professional Program
The Sniffer Certified Professional Program (SCPP) recognizes network professionals who can demonstrate an in-depth understanding of Sniffer Technologies software
There are three levels of certification in the program:
1. Sniffer Certified Professional (SCP)
The first level is designed to test the candidate’s knowledge in the use of the Sniffer Portable Network Analyzer
2. Sniffer Certified Expert (SCE)
3. Sniffer Certified Master (SCM)
The second and third levels evaluate the candidate’s knowledge of various networking technologies
www.sniffer.com/education
You will find links for:
The SCPP online resource center
Test preparation materials
Practice tests
Product documentation
Course schedule and catalog
Class listings
Registration Information
Register online
Sniffer University survey
Let us know what you think
Sniffer University contacts
Table of Contents
Course Overview1-9
Introduction and Concepts1-14
Starting Sniffer Portable1-27
Monitoring Network Health and Performance2-1
Monitor Applications2-5
Troubleshooting the Network3-1
Managing Alarms3-10
Capturing Network Traffic 3-19
Expert Analysis 3-31
Using Capture Filters to Narrow the View3-67
Triggers 3-84
Analyzing Network Issues4-1
Decode Window 4-10
Using Display Filters to Narrow the View 4-40
Exercises 5-1
Course Overview
Course Objectives
At the end of this course, you will be able to:
Effectively use the Sniffer Portable Network Analyzer in a logical step-by-step process as a network troubleshooting tool
Employ effective troubleshooting techniques to quickly resolve problems in your networks
Partner with Sniffer Portable to proactively monitor and baseline your networks
Optimize your network and applications using the information you have gained from Sniffer Portable
Major Topics
We’ll show you how to:
Use the Monitor functions to check the health and performance of your networks
Troubleshoot problems by capturing traffic and using the Expert’s help
Analyze the issues by viewing the frames that were captured
Proactively manage the network with Sniffer Portable’s tools and reporting capabilities
And we’ll give you troubleshooting tips along the way
Vital Troubleshooting Skills
Your network
Use Sniffer Portable to monitor segments
Have an accurate logical drawing of your entire network
The protocols being used on your network
Sniffer University has a series of protocol-specific classes to teach you the fine details of troubleshooting and maintaining each type of network
Learn how routers and switches are configured to keep them where they belong
Resources available to help you find answers quickly
Additional Resources
Industry Standards, Protocol Specifications, and Product Documentation
Technical Support
Networking Professional Organizations
Fellow Troubleshooters
Books
Introduction and Concepts
Section Objectives
At the end of this section, you will be able to:
Describe the system requirements and supported interfaces of the Sniffer Portable Network Analyzer suite
Relate the OSI Reference Model to a frame on the wire
Start the Sniffer Portable Network Analyzer
Configure a Sniffer Portable local agent
Identify menu items and icons on the Toolbar and Status bar
Generate traffic with Packet Generator
What is a Sniffer Analyzer?
A network troubleshooting tool that assists you in finding and solving network communication problems, analyzing and optimizing network performance, and planning for future growth
Monitor application provides statistics in real time
Capture does real time Expert Analysis as frames are gated into the capture buffer
Profiles make loading complex filters and settings easy to save and activate
Post-capture packet display allows you to analyze the frames in-depth using multiple views
Active tools allow you to generate frames, buffers or perform other tests
Sniffer Analysis Suites
Portable Analysis Suite
Sniffer Portable LAN
Sniffer Portable WAN
Sniffer Portable High-Speed


Distributed Analysis Suite
Sniffer Distributed Agent
Sniffer Distributed Console
Sniffer Distributed
Snifferbook
Analyze T1/E1
RS/V with LM2000 Adapter
Troubleshooting Flowchart
Sniffer Portable Operation
System Requirements
Windows 98 SE, 2000, or NT 4.0
Sniffer Portable Software (Provided by Network Associates)
Microsoft Internet Explorer with MS Virtual Machine and media player
Pentium 400 MHz CPU with minimum 128 MB RAM (256 MB recommended) and minimum 125 MB free disk space
Network Interface Card with NDIS 3.0+ driver
Enhanced NAI drivers for selected cards enhance performance and allow error frames to be captured and analyzed
Supported Interfaces
Ethernet 10/100
Token Ring 4/16
FDDI
HSSI
Full Duplex (supported with a pod)
ATM
WAN
Gigabit Ethernet
802.11b Wireless LAN
Enhanced Drivers
OSI Reference Model
The OSI Model and Frames
Frames include headers at several layers of the OSI model
The number of headers in a frame is protocol-dependent
Each header has multiple fields that are also protocol-dependent
The Sniffer Network Analyzer reads the entire frame and decodes each byte (and sometimes each bit) into an English explanation of the values
Starting Sniffer Portable
Starting Sniffer Portable
Open the SNIFFER.EXE application using your favorite Windows method
From the File menu, go to Select Settings... and choose the local agent (adapter) you want to use
Adapters must be previously configured in Windows and use NAI enhanced or NDIS 3.0+ compliant drivers
The application automatically starts monitoring the traffic seen on the active local agent
Your settings are saved when you exit the application, so it will automatically begin monitoring on the local agent you last chose
What is a Local Agent?
A local agent is a logical reference to a collection of settings, addresses, and profiles associated with an adapter
Each local agent has a unique directory under the Sniffer Program directory
Changes you make are saved in the directory of the active local agent
Select Settings...
The title bar indicates the active local agent
Select the Adapter
Settings dialog contains local agents that you have defined
Creating a new local agent allows you to maintain separate settings for each network you analyze
The settings for each will be maintained in separate “Local” directories under the Program directory

Create a New Local Agent
New... from previous menu shows this screen

Assign a name
Choose the adapter
Specify the Pod
Copy settings from another agent
User Interface
The Toolbar
Status Bar
Watch the lower right corner of window for real-time counts
Getting Help
Three ways to get help in Sniffer Portable:
1. Use the Help on the menu bar to access the comprehensive on-line User’s Guide

2. Highlight an area on the screen and press F1 for context-sensitive help
3. Click on theicon
Major Components
Exercise 1-1
Launch Sniffer Portable
Using Packet Generator
What is Packet Generator?
The main purpose of the packet generator is to stress test your network
You can configure it to generate:
A buffer of previously captured data
A frame from the displayed data
A new frame you configure before generating
A frame with no data
Monitor and Capture while generating to view the effect of the new data on the network
We will use it in class to generate trace files while viewing Monitor and Capture screens
Loopback Mode
Transmitting frames from the buffer with the Packet Generator to “replay” a trace file can be very useful to quickly show Monitor or Capture statistics
WARNING: Make sure that you enable Loopback Mode before starting traffic generation
The Packet Generator
Capture or load and display a trace file
Tools > Packet Generator

Packet Generator Views
Animation View—shows data being “pumped” into the network:
Detail view—displays statistics:




Monitoring and Capturing from a File
To enable Monitor in the classroom when a live network is not available, we must
Set the local agent to Loopback Mode
Load a trace file
Generate traffic from the trace file
Monitor will accept the data as if it came from the network and give us statistics to view
The next couple of slides show the process to make that happen…
Generating From a File
Under Files:
Select Loopback Mode if no  is visible
Open the trace file
Frames will be stored in the Capture buffer
Display the data
From the Tools pull-down menu:
Choose Packet Generator
Select the Send Buffer icon
Configure the number of times to send the buffer
Note the counts in the lower right counter as frames are generated
Generate Buffer Configuration
Configure how often to send:
Effects on Network Performance
What happens when you transmit data into a live network?
Generating Traffic
So, why would you want to generate traffic?
Test new equipment in a lab before installing it in a live network
Test vendor’s claims for new equipment performance, e.g., packets/frames per second forwarded by a particular brand and model of router/switch
Play back a trace file and observe its operation
Induce a known load of null traffic to see how a network will react to increased bandwidth usage
Test a Network Interface Card’s operation
Laboratory testing of suspect routers, switches, gateways, and NICs to ensure proper performance
Summary
In this section, you learned how to:
Describe the system requirements and supported interfaces of the Sniffer Portable Network Analyzer suite
Relate the OSI Reference Model to a frame on the wire
Start Sniffer Portable
Configure a Sniffer Portable local agent
Identify menu items and icons on the Toolbar and Status bar
Generate traffic with Packet Generator