![]() | Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition | ||
|
|
![]() |
||||||||||||
Solution Type Technical Instruction Sure Solution 1004130.1 : Sun StorageTek[TM] 5000 Series NAS: How to configure for network packet capture
PreviouslyPublishedAs 205739 Description Description Symptoms:
Purpose/scope: When troubleshooting network related issues on the Sun StorageTek[TM] 5000 series NAS, it is sometimes necessary to examine the specifiics of the network This procedure details how to collect this data. Steps to Follow The Sun StorageTek[TM] NAS provides limited packet capture capability. It is capable of capturing only a limited number of packets. This limitation makes it suitable for capturing an easily reproduced issue, such as a failure to join a Windows Domain or a failure to mount an export, but generally unsuitable for tasks such as determining why a 100MB file copy that is slow. For high-volume traces such as this, it is best to use a full featured packet capture utility, installed on one of the client This document with detail the following steps:
Step #1 -- Select the clients to capture data from: The purpose of this step is to create a filter to limit the number of packets captured. This serves two purposes. First, it filters out data that is not pertinent to the issue, In many cases, it is desirable to collect multiple traces, usually to provide data to compare against a working configuration. For example, if a particular operation works Include Based Filter: In a case where the systems required to reproduce the issue are easily identified, an include based filter is best. Identify the systems involved in the communication, and Here are a few examples: Failed attempt to join a Windows domain - Capture traffic between the NAS and the domain controller only. Failed NIS+ authentication - Capture traffic between a test client and the NAS, and between the NAS and the NIS+ server. Windows client fails to map a share, or slow copy of a small file - Capture traffic between a test client and the NAS, and between the NAS and the Windows Domain controller. Another important consideration is that you must ensure that none of the systems involved in the test is generating traffic to the NAS not related to the issue. For this reason, Exclude Based Filter: For cases where the systems involved in the capture are not easily identified, or traffic needs to be captured from more than four pairs of systems, an exclude based filter is In this case, the first line of your filter will be NAS IP <--> any, which is all traffic to and from the NAS. The other entries will used to exclude traffic. One of these will be NOTE: On a switched network, the NAS will not be able to capture point to point traffic between other systems. If this is necessary, e.g. comparing NAS behavior to a Windows Step #2 -- Load the packet capture tool and configure options.
Enter "1", Edit Fields, and enter the following data: Capture File: Provide a full path including volume and a new filename for the capture file, e.g. /vol1/datacollection/trace1.cap. Frame size: Unless specifically instructed, leave this at the default of "0", which will capture entire frames. IP Packet Filter: Enter "Y", Yes.
Filter lines: Enter your selections from step #1 by IP address. To capture all traffic to and/or from an address, use the ANY parameter. To collect only incoming or outgoing Dump Enable: Enter "Y", Yes. NOTE: For a NAS with multiple active network interfaces, each must be included separately. Step #3 -- Reproduce the network event and capture it: At this point, the configuration is done, and all that remains is to start the capture. Ensure that what you wish to capture is ready to go, and enter "7", Start Capturing. Reproduce the event to be captured as soon as possible after starting the trace. Ensure that this is done from the very beginning. For example, for a client issue, After the symptom has been reproduced, return to the NAS console, telnet or ssh session and enter "7", Stop & Save. For multiple attempts, or for comparing a Step #4 -- List client systems and test conditions: An important and often neglected step is to report exactly what was done in each capture. Timelines and IP addresses are the most important. For a trace of a particular IP addresses: test client #1 - CLI1 192.168.2.2 test client #2 - CLI2 192.168.2.3 NAS - SERVER1 192.168.2.20 Domain Controller ADS3 192.168.2.40. Trace CIFS01.cap shows client CLI1 attempted to open share X1 from SERVER1 about 10 seconds after the trace started, Trace CIFS02 shows client CLI2 successfully openingconnecting to share X1 within 5 seconds.'' Step #5 -- Send the capture output and test data. Add the above captures and description files to a single file, name the file according to the company name and/or the case number. Unless otherwise instructed, Product Sun StorageTek 5320 NAS Gateway/Cluster System Sun StorageTek 5320 NAS Appliance Sun StorageTek 5310 NAS Gateway/Cluster System Sun StorageTek 5310 NAS Gateway System Sun StorageTek 5220 NAS Appliance Sun StorageTek 5310 NAS Appliance Sun StorageTek 5210 NAS Appliance Internal Comments This document contains normalized content and is managed by the the Domain Lead(s) of the respective domains. To notify content owners of a knowledge gap contained in this document, and/or prior to updating this document, please contact the domain engineers that are managing this document via the “Document Feedback” alias(es) listed below: [email protected] The Knowledge Work Queue for this article is KNO-STO-NAS The packet data is written in Network Monitor 2.0 format. The most easily available tool to view the captured data is the open source utility Ethereal. Some training is required to be able to understand the output, but you can generally tell from the number and type of packets captured if the trace was successful. Download ethereal at http://ethereal.com. There are versions for various operating systems. NAS, network trace, packet capture, normalized Previously Published As 89171 Change History Date: 2010-01-03 User Name: Will Harper Action: Currency check Comment: Still current Date: 2007-05-03 User Name: 71396 Action: Approved Comment: Performed final review of article. No changes required. Publishing. Version: 3 ***Checked for relevance on 01-Oct-2012*** Attachments This solution has no attachment |
||||||||||||
|