Compare cert salaries and plan your next career move
MSP-IT wrote: » It sounds like you're approaching it the same way I would. It appears that the packets are being dropped at the ISP. Have you attempted talking to your ISP?
Heero wrote: » Pingplotter is a better way to do what you are manually doing. If you see the increased latency on every hop after the first hop with the high latency, it is a pretty fair bet that the link between the last hop without the latency and the first hop with the latency is heavily congested (or some other issue). Take the pingplotter info and go to your ISP with it. They will be able to go look and see if there is an issue with that hop. If they refuse or tell you they don't see any issues, complain and escalate until you get someone that actually knows what they are doing.
Ryuksapple84 wrote: » Really liked how you approached this problem. It is definitely an ISP issue.
Deathmage wrote: » This might be helpful; but now that I work at a MSP that is a ISP I get the low-down on the internet. TWC has been having major issues the past few days that is like a domino effect for other ISP's... Something worth noting, see if you do a tracert and if any of the hops are owned by TWC....
santaowns wrote: » Do you have access to view the netflow via scrutinizer? Pings show some latency but if behind a firewall and qos it is less reliable as the firewall gets busy it drops pings. Same with qos it drops pings. Is this environment cisco?Check the wan interface on both ends. Centurylink, Sprint and twc have had major issues within the past week. Especially centurylink mpls... Don't ask how I know
bertieb wrote: » Get some bandwidth stats from your ISP for the connection to prove your client is hitting the upload limit at the times you are having the problems. Ideally, you should be able to monitor the ISP traffic yourself too if they don't provide a portal where you can view it yourself - it'll cut down on the problem tennis between yourself and the ISP and you'll be quickly able to spot any contention. Always go with the basis of proof, and if people 'think' it's 'X' causing the issue, get them to substantiate it. You're the customer here, don your best Judge's court dress and prove things beyond any reasonable doubt...... How I'd go with this: 1) Get bandwidth stats and confirmation of the maximum download/upload limits 2) If they are nowhere near the contractual bandwidth limits when you're seeing problems, kick the ISP (again) - be wary that stats can often be averaged, you'll be better off with a 'real time' view when you're seeing the problems which is why an internal monitoring solution would be beneficial if they can't provide these quickly. 3) If they are exceeding the limits, you'll need to track down what's causing it - my guess would be traffic from a device that shouldn't be on the network but a user (or several) who have the wireless key and are using tablets/phones to watch Netflix at lunchtime It does concern me that four site visits have been undertaken by your ISP and they blame the internal network without providing any real evidence!? If that was me, I'd have been more than unimpressed because it smacks of incompetence, unprofessional-ism or they know something is amiss but wont fix it, or a combination of all.
ccnxjr wrote: » I've been guilty of blaming the ISP when we were actually hitting our service caps. I'll add my vote to setting up some sort of real-time (or close to it) monitoring on the actual bandwidth usage. It also helps if you know what the contractual usage is supposed to be. However, the few times that I did call in during an event, they were able to identify whether or not we were hitting our service cap over the phone, without having to perform a site visit. So, that part does indeed seem odd. (however it did require an escalation over the phone) By the third instance we got real-time monitoring in place to be sure that was the case before calling in. It's also important that this be setup on the ISP-facing interface, to avoid the (very plausible) excuse that it's the customer router that's dropping/loosing packets. Just saw OP's responses. Might be more difficult with a company like Comcast/Verizon , even if it is a business account. Their service agreements are littered with conditionals and liability waivers. I've learned a lot about the importance of reading the contract, no matter how boring or mundane it is! They should still be able to see usage, however, the person you're on the phone with may not have that access . Also, many of the service reps for companies like Verizon/Comcast/Time Warner are trained to shift responsibility to the customer and are not that good at actually solving problems.
santaowns wrote: » I realize that it is a small business but most if not all "Business" class services even cable (which we have some sites that use cable modems too even though we are a fortune 10 company now) have a guarantee on service availability and quality. By the way the centurylink issue is resolved. Here is the information you need: -Verify patching schedules on the office pcs (yes updates take alot of bw) set these to off hours only. -It will be very hard to find bandwidth usage using a dlink, so keeping track of the software updates etc will be a necessity. -Encourage your customers big or small to use business class equipment so that you can provide them with better service and they receive a better service from the equipment (also i bet your boss would love to sell it to them) -Even a dlink can block a website, suggest to block bandwidth hog sites like netflix, hulu pandora spotify etc -you need to know exactly what the system is being used for websites, any voip phones? I cant think of much more on the spot but i know your catching the drift. I would finally suggest an upgrade to next tier or a better service metro-e or oc-192 haha jk, but you again get the idea.
ccnxjr wrote: » We're using Cacti, however our edge router is a Juniper SRX, so we can configure SNMP on it. So, we can track how much each interface is sending/receiving, trace the bandwidth hog down to the port level and unplug him! Cacti lends itself well to monitoring all sorts of fun stats on a router/switch through SNMP polling. I'm not sure if it'll work the same on a DLink. Of course, if they were using a Meraki device you get all sorts of fun stats in the web portal. However I can't confirm if interface bandwidth is one of them. There's all sorts of good reasons for getting a Juniper/Cisco/Meraki (also Cisco?) enterprise grade router. However might be worth a few minutes to ask the rep if they can give you an estimate of your current usage, as a by-the-way over the phone. This is not an unreasonable request if they're claiming that your hitting the usage cap. If they can't determine (or tell you) how much your using, then how do they know your hitting the usage cap? Do they hook you guys up on some enchanted port?
--chris-- wrote: » The ISP said they have no way to show me usage / bandwidth. I asked how was the tier 2 tech able to determine that's what the issue was...? They said they would have to call me back in 4 hours, he did not know and the ticket notes did not say. That was two days ago. typical?
Deathmage wrote: » who is your ISP?
lsud00d wrote: » Dude...there's no WAY an ISP doesn't have netflow enabled and monitored. However, it is possible that they refuse to share that info with you. Can any NOC'ers/ISP techs comment on sharing netflow data with customers?
Compare salaries for top cybersecurity certifications. Free download for TechExams community.
