For the majority of network administrators, the launch of Windows Server is a good news, because you do not have to bother looking for network monitor programs from third-party vendors, windows2000Server itself provides a very good network monitor program. Let's take a look at how Windows2000Server uses Network monitors:
1. Network Monitor Overview
Use a network monitor to capture and display frames (also called packets) received by computers running Windows server from a LAN ). Network administrators can use network monitors to detect and solve possible network problems on local computers. For example, as a network administrator, when the server computer cannot communicate with other computers, you can use network monitor to diagnose hardware and software problems. Frames captured by the network monitor can be saved as files and then sent to professional network analysts or support institutions. In addition, network application developers can monitor and debug network applications using network monitors during development.
The Microsoft System Management Server contains the full version of the network monitor. As a supplement to the functions of the Windows2000 Network Monitor, the system management server network monitor can capture frames sent to and sent to all computers on the CIDR block, and edit and transmit these frames. The following describes related terms:
1. Network Data Flow
Network Monitor monitors network data streams, which are composed of all information transmitted over the network at any time. Before the information is transmitted, the network software divides it into smaller blocks, which are called frames or data packets.
2. frames, whether transmitted through broadcast, multicast, or direct transmission, are composed of several different blocks so that they can be analyzed separately.
Some data blocks contain Network monitors that can be used to answer network problems. For example, by checking the target address, you can determine whether the frame specifies the broadcast frames that must be received and processed by all hosts or the direct transmission frames sent to the specified host. By analyzing frames, you can determine the exact cause of frames, which helps determine whether the services that produce such frames can be optimized. Clarified the components of Ethernet frames:
3. Capture Network Data
The process of network monitor frame copying is called capture. You can capture all network communications sent to or from the local Nic, or set a capture filter to capture the subset of frames. You can also specify a series of conditions to trigger the network monitor to capture filter events. By using a trigger, the network monitor can respond to events on the network. For example, you can enable Windows to start executable files when network monitor detects a series of specific situations on the network. After capturing the data, you can view it. Network Monitor performs a lot of data analysis by converting the raw captured data into its logical frame structure. The network monitor uses the Network Driver Interface Specification (NDIS) function to copy all frames it detects to the capture cache.
Note:
Because the network monitor version in Windows uses the "local only" mode of NDIS instead of the hybrid mode, you can still use the network monitor even if your network adapter does not support the hybrid mode. When you use the NDIS driver to capture frames, the network performance is not affected. (In mixed mode, the NIC can increase the CPU load by 30% or more .)
[Content navigation] |
Page 1: Overview |
Page 1: Network Monitor |
Page 1: Network Monitor |
|