Causes and solutions of network packet loss

Network packet loss is the loss of data packets in the channel, for various reasons, when we use ping to query a destination station. Ping uses ICMP echo request and echo reply messages. An ICMP echo request is a query sent by a host or router to a specific destination host; the machine that receives it must send an ICMP echo reply back to the source host. The query is used to test whether the destination station is reachable and to learn its status.

We often encounter intermittent network connection failures. Faced with such a failure, many network administrators use the ping command to test network connectivity, and the results show that packet loss on the transmission line is very serious at that moment. So what causes such serious packet loss? Is the connection cable unstable? Is it a network virus? Or some other potential factor?

Reason 1: Physical line failure.

Suppose the network administrator finds that the WAN line is intermittent. The fault may lie with the line or with the user. To determine whether it is a line fault, you can run the following tests.

If the WAN line is terminated on a router, you can log in to the router and use extended ping to send a large number of packets to the WAN interface of the router at the other end. If the line is terminated on a Layer 3 switch, you can connect a computer at each end of the line, set its IP address to the WAN interface address of the local Layer 3 switch, and test with the "ping the other computer address -t" command.

If there is no packet loss in the above test, the line provided by the line operator is good and the fault is on the user's side, which needs further investigation.

If packet loss occurs in the above test, the fault is in the line provided by the line supplier, and you need to contact the supplier to resolve it as soon as possible.

Many kinds of packet loss are caused by the physical line, such as optical fiber connection problems, misalignment between jumpers and equipment interfaces, and problems with twisted pair or RJ-45 connectors. In addition, datagram errors caused by random or burst noise, radio frequency interference and signal attenuation may all cause packet loss. A network tester can be used to check the line quality.

Reason 2: Equipment failure.

Equipment failure mainly refers to failure of the equipment hardware, excluding packet loss caused by improper software configuration. Examples: the network card is broken, a port of the switch has a physical failure, the electrical port of the optical fiber transceiver does not match the interface of the network device, or the interface duplex modes of the devices at the two ends do not match.

I have seen an example of packet loss caused by the failure of the optical fiber module at the switch port. After a period of communication, the switch crashed, that is, it could not communicate, and it returned to normal after restarting. After a period of observation, it was found that there was something wrong with a certain optical fiber module, so the module was replaced with a new one and everything was normal.

The reason is that the switch performs CRC error detection and a length check on all received packets, discards the packets with errors and forwards the correct ones. In this case, however, some packets with errors were not caught by the CRC error detection and length check. Such packets are neither sent out nor discarded during forwarding; they accumulate in the dynamic cache and are never sent. When the cache is full, the switch crashes, so packets cannot reach the destination host.

Reason 3: Network congestion.

Network congestion can raise the packet loss rate for many reasons, mainly because a large share of router resources is occupied.

If the network is slow and the packet loss rate rises, check the output of show process cpu and show process mem. It is generally found that the IP Input process takes up too many resources. Next, check whether fast switching is disabled on the outbound port with high traffic, and if so, re-enable it.

Then check whether fast switching on the same interface is disabled. For example, when an interface is configured with multiple network segments and the traffic between these segments is heavy, the router works in process switching mode. In this case, the command "ip route-cache same-interface" should be executed on the interface to enable it.

Next, use the show interfaces and show interfaces switching commands to determine the ports where a large number of packets enter and exit. Once the incoming port is known, enable IP accounting on the outgoing interface to see the characteristics of the traffic. If it is an attack, the source address will change constantly but the destination address will not. You can use an access list to solve this problem temporarily (it is best to configure it on a device close to the attack source); the final solution is to stop the attack source.
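The check described above (source addresses that keep changing while the destination stays the same) can be run over saved IP accounting output. The following Python sketch is an added example, not part of the original article; the sample rows are constructed, and the function names and both thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample in the column layout of "show ip accounting" output.
# All addresses are made up for this example.
SAMPLE = """\
   Source           Destination        Packets        Bytes
 198.51.100.7     192.0.2.10               300        18000
 198.51.100.93    192.0.2.10               300        18000
 203.0.113.41     192.0.2.10               300        18000
 203.0.113.200    192.0.2.10               300        18000
 198.51.100.150   192.0.2.10               300        18000
 203.0.113.8      192.0.2.10               300        18000
 10.0.0.5         10.0.1.20                120        96000
 10.0.0.6         10.0.1.21                 80        64000
 10.0.0.5         10.0.1.21                200       160000
"""

def parse_accounting(text):
    """Yield (source, destination, packets, bytes) for each data row."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not (parts[2].isdigit() and parts[3].isdigit()):
            continue  # header, blank line or anything that is not a data row
        yield parts[0], parts[1], int(parts[2]), int(parts[3])

def suspect_destinations(text, min_sources=5, min_share=0.5):
    """Flag destinations hit by many distinct sources that also carry a
    large share of all accounted packets (thresholds are assumptions)."""
    sources = defaultdict(set)   # destination -> distinct source addresses
    packets = defaultdict(int)   # destination -> packets received
    total = 0
    for src, dst, pkts, _ in parse_accounting(text):
        sources[dst].add(src)
        packets[dst] += pkts
        total += pkts
    hits = []
    for dst, srcs in sources.items():
        share = packets[dst] / total if total else 0.0
        if len(srcs) >= min_sources and share >= min_share:
            hits.append((dst, len(srcs), round(share, 2)))
    return sorted(hits, key=lambda h: -h[2])

if __name__ == "__main__":
    for dst, n, share in suspect_destinations(SAMPLE):
        print(f"{dst}: {n} distinct sources, {share:.0%} of packets")
```

A flagged destination is the address to protect with the temporary access list mentioned above.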

Many situations in applications cause network congestion. One is a large amount of UDP traffic, which can be handled in the same way as a spoof attack. Others are a large number of multicast streams and broadcast packets passing through the router, or a router configured with IP NAT that many DNS packets pass through. Once these situations cause congestion, both communicating parties apply flow control and discard the packets that cannot be transmitted.

Reason 4: MTU is not configured properly.

An improper MTU setting on key equipment can also cause network packet loss (Ethernet: 1500 bytes, IEEE 802.3/802.2: 1492 bytes). Check the MTU configuration of the key devices in the network.

After locating where the packet loss occurs, the network administrator needs to analyze its causes further in order to troubleshoot the fault. After opening the network analysis software, we can configure the network file, select the analysis file, and then start the analysis.

First, we can add utilization statistics to the chart. We can see that after 14:38:05 the network utilization suddenly rose, approaching 40%. The recommended utilization is not higher than 15%. When network utilization exceeds 30%, the packet loss rate is 1% and increases geometrically. In this network, utilization is as high as 40%, so there must be serious packet loss.

Because TCP packets are retransmitted when they are lost, the network administrator can use the diagnosis to find the hosts with serious TCP retransmission.

How to judge the existence of network packet loss

Usually we use the PING x.x.x.x -t command to test whether there is packet loss in the network.

As can be seen from the figure above, when the local computer pings the nonexistent address 192.168.122.2 for a while, all the ICMP packets sent out are lost and the loss rate reaches 100%. That is, there is packet loss on the path from this machine to the unreachable address 192.168.122.2.

Steps for locating and analyzing network packet loss

When packets are being lost, users will clearly feel that the network is slowing down. At this point, the first thing the network administrator needs to do is run ping x.x.x.x -t to diagnose which network segment is affected. If packets really are being lost, we can use Collet software for further analysis.

Before analyzing, we need to review some background knowledge.

One of the characteristics of TCP is that it guarantees reliable data transmission, that is, data is delivered correctly and completely. How does TCP guarantee this? TCP uses an acknowledgement and retransmission mechanism: the sender assigns a sequence number to each segment it transmits, the receiver sends an acknowledgement back to confirm that the data arrived correctly, and the sender retransmits a segment when it cannot confirm that the segment was delivered.

So when packets are lost in the network, there must be TCP retransmissions.
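The following Python sketch shows how the retransmission mechanism described above can be used to find the hosts with serious TCP retransmission. It is an added example, not taken from the original article or from any analysis product; the segment records are constructed, and the function names and the 5% threshold are assumptions.

```python
from collections import defaultdict

# Constructed capture summary: (src, sport, dst, dport, seq, payload_len).
SEGMENTS = [
    ("10.0.0.5", 50000, "10.0.1.20", 80, 1000, 500),
    ("10.0.0.5", 50000, "10.0.1.20", 80, 1500, 500),
    ("10.0.0.5", 50000, "10.0.1.20", 80, 1000, 500),  # sent again
    ("10.0.0.5", 50000, "10.0.1.20", 80, 2000, 500),
    ("10.0.0.5", 50000, "10.0.1.20", 80, 1500, 500),  # sent again
    ("10.0.0.9", 50001, "10.0.1.20", 80, 7000, 400),
    ("10.0.0.9", 50001, "10.0.1.20", 80, 7400, 400),
    ("10.0.0.9", 50001, "10.0.1.20", 80, 7800, 0),    # pure ACK, no data
    ("10.0.0.9", 50001, "10.0.1.20", 80, 7800, 400),
]

def retransmission_rates(segments):
    """Return {src_host: (data_segments, retransmitted, rate)}.

    A data segment counts as a retransmission when every byte it carries
    lies below the highest sequence number the flow has already sent.
    Simplifications: sequence wrap-around is ignored and a partly new
    segment is counted as new data.
    """
    highest_end = {}                      # flow -> highest seq + len seen
    stats = defaultdict(lambda: [0, 0])   # host -> [data segs, retransmits]
    for src, sport, dst, dport, seq, length in segments:
        if length == 0:
            continue                      # ACK-only segments carry no data
        flow = (src, sport, dst, dport)
        end = seq + length
        stats[src][0] += 1
        if flow in highest_end and end <= highest_end[flow]:
            stats[src][1] += 1            # all of this data was sent before
        else:
            highest_end[flow] = max(end, highest_end.get(flow, end))
    return {h: (d, r, round(r / d, 2)) for h, (d, r) in stats.items()}

def worst_hosts(segments, min_rate=0.05):
    """Hosts whose retransmission rate reaches min_rate (assumed threshold),
    worst first."""
    rates = retransmission_rates(segments)
    flagged = [(h, v[2]) for h, v in rates.items() if v[2] >= min_rate]
    return sorted(flagged, key=lambda item: -item[1])

if __name__ == "__main__":
    for host, rate in worst_hosts(SEGMENTS):
        print(f"{host}: {rate:.0%} of data segments retransmitted")
```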

1. Solution

Analyze the traffic on key links (usually the exit links) to see whether network utilization is too high, whether there are too many packets per second, whether the packet size distribution is reasonable, and whether the TCP sessions are normal.

Of course, the most fundamental method is to limit the user traffic, that is, to control the traffic of each user surfing the Internet, such as prohibiting access to video websites and other websites unrelated to work content, and at the same time to limit the traffic of each user accurately to prevent them from occupying the limited network bandwidth excessively.

We can also provide quality of service (QoS) for some traffic. For example, we can give priority to work-related traffic such as web access and email, which alleviates network congestion to some extent and ensures that high-priority business is forwarded first. (This treats the symptoms rather than the root cause.)

2. In addition, regarding the problem that ping IP always loses packets:

There are usually several reasons:

3. In short, the general troubleshooting methods are:

Quoted from: /art/201810/584884.htm