When you’re in the networking technology field, you’re going to find that there are many different types of “monitors” (like router monitoring) that you need to stay on top of, from throughput to application performance and device health.
And as you become more knowledgeable, you’re going to start to understand these diverse types of traffic and equipment. It’ll become more important to you to be able to understand concepts like where traffic is flowing. Is traffic getting where it needs to be most efficiently? Who’s sending the most traffic and at what times of day, week, or month? How’s your network equipment, such as routers, keeping up to the load?
You’ll want to understand these patterns implicitly to be able to manage your network. Let’s look at 6 tips to implement practices that’ll give you this ability when it comes to monitoring your routers.
Why is it important to monitor router traffic?
Monitoring network traffic is a fundamental part of a network manager’s job. It’s integral to understanding and managing the network, as well as planning, making changes, and solving problems. Monitoring router traffic specifically can be critical for a network engineer or network manager for a few reasons:
- Understanding the network. If a network manager doesn’t understand their network, it’s a recipe for disaster. Like traveling from New York to Los Angeles by car, if you don’t understand even a little bit about the trip (path, distance, speed, etc), you’ll find it pretty difficult not to get lost along the way.
- Troubleshooting your network. By having the correct router monitoring, discovery, and alerting tools you’ll be able to troubleshoot effectively. If you’re just told that a specific device is not working, and you have no monitoring tools to start with, you’ll struggle with even the most basic assessments.
- Planning. IT and network systems are constantly changing and updating. But network managers do not just decide to make a major change or upgrade to the network one day, then implement it the next. A lot of thought, planning, budgeting, and coordination goes into this process. The data gathered from good effective network monitoring supports this process every day.
- Budgeting. A network manager’s budget is always limited. Being able to do more with less is part of the job.
How to monitor router traffic
The right way to monitor network traffic is through a set of tools that can read and understand what’s happening on your network in real-time. And you’re going to need these tools to perform specific functions and have specific features to be able to monitor your network effectively.
Let’s start with network discovery and mapping. To scale your IT asset management effectively, you’ll need a system that automates the discovery through SNMP. SNMP (Simple Network Management Protocol) is one of the industry standards for discovery and gives a clear picture of devices being managed, as well as the ability to interact with device data through the SNMP management console itself. Built on the foundation of polling and event-driven traps, SNMP features can be used in IT asset management, device performance monitoring, and notifications to your network monitoring station.
Testing is also critical. Your network management station is going to need tools for instructing network devices to do automated tests of connectivity on specific links and at specific times. The ability to send ICMP (internet management control protocol) messages is an essential tool for this function.
Flow analysis is also important. This is a set of protocols that measure traffic flow speeds and characteristics either across your network or between two different points. Flows such as Netflow, IPFIX, and Sflow are the most common. It’ll vary depending on the brand of networking products you use.
You’ll also need to be able to capture and analyze the logs coming off of your network devices. There are a variety of logging servers and logging analysis tools out there.
Once you have familiarity with these tools you’ll need to put together a plan and a set of network management policies that define what you’ll monitor, when to do it, and how. These policies will dictate such things as:
- How you’ll map your network as well as threshold
- How often you’ll inventory your networking devices
- How reporting will be handled and escalated in times of trouble
Top things to monitor and why
Sampling. The most important thing to know about network monitoring is that you’re sampling. When you’re monitoring in an efficient manner, you need to know how much to monitor and when. And you can only do this effectively if you know what the most important things to monitor are.
Monitor events. One of the first things to do with network monitoring software is to baseline your network. The purpose of baselining is to give you a starting place to measure from. Once you have established a baseline of what proper traffic flows are, ask: What are the busy times, and busy areas? Where are the greatest concentrations and the highest priorities? Then you can measure against these.
Look for traffic anomalies. Anomalies are unique events. Events that are out of the ordinary. You want to be aware of any anomalies. You have baselined your traffic, so now you should be able to notice when something’s out of the ordinary. Your management system will help you discover and alert you to any anomalies on your network.
Total throughput. You want to know what kind of throughput your network is giving you. This is different from bandwidth. Throughput is the actual amount of traffic that’s traveling the network. You’ll want to monitor this to look for performance problems.
Top interfaces. You’ll notice certain device interfaces are showing greater traffic and utilization. Is this becoming a persistent issue? Is it time to increase throughput or add additional interfaces?
Device health. What are the individual devices doing with their resources? How are memory and processors being utilized? What is the individual health of all your devices? Are they in need of upgrades? Replacements?
Streamlining your network. If you are managing a network with many locations, you’ll have many networking management functions that are redundant and need to be maintained on a consistent basis. Using network management is essential to this ability.
Once you have these areas figured out you’ll need to start documenting what’s important on your network:
- Where are your critical resources?
- Who has access to them?
- Are they supported by the proper equipment?
- Who has access to these?
- Do you have redundancies in your network to support critical features or applications?
- Are they effectively implemented?
- Have they been tested?
- Are you preparing for the future?
- Are there traffic trends you need to be watching?
- Are you able to deal with trouble areas before they turn into a crisis?
Answering these questions will get you on the road to a successfully managed network.
Why utilize router monitor software?
Utilizing router monitoring software is critical to the efficient use of any network. All of the specific elements we talked about such as troubleshooting and planning and budgeting and even security are going to come up. It is just a matter of time.
Here’s a common scenario you’re likely to encounter: a new network you’re managing had a pretty good network management software tool installed. But it was not being used very well, basically shoving it to the back burner and rarely pulling it up.
Eventually, the network begins experiencing performance problems. So utilizing the existing networking management software, you found that the network has a device that is overutilizing a specific network segment. It is creating a lot of excess traffic on the network and propagating it throughout the switch. Cleaning up the unnecessary applications running on the problem server solved the problem. Using monitor software, it was just a case of looking for the “top talkers”. And then ask some questions about how much traffic they should be sending and receiving.
Tips for monitoring router traffic
- Start with an inventory. First, you need to know what you have. you’ll be surprised sometimes with what you really have and even what you think you have but don’t! This can be an eye-opening first step.
- Map your network. Once you know what’s out there, build out a networking map of your current condition. This map will become your blueprint. And later you’ll rely on it for every decision on your network. This network context will be invaluable when analyzing the data from your router monitoring platform.
- Analyze your traffic flows. Once you have a good inventory and map, you can discover how traffic is flowing and where the problem areas are. As well, as where the excess resources are and where resources are critical. Do they match up? Are critical areas being served with enough capacity? How about with redundant capability? How about security? Are there traffic flows that are exposed to the wrong segments? Or being utilized by unsecured parts of your network? Now you’re starting to really understand your network.
- Planning and budgeting. What needs to be improved and where. You cannot make every change all at once, and you would not want to anyway. Never plan to change too much at once. Start with one project at a time. See how it affects your network performance, document it, and then do another. And so on. Same with budgeting. You’re only going to get so much in your budget. Make sure it’s for things that you really need and can justify. When other departments are asking for money based on conjecture, you’ll be able to come in with drawings, network maps, testing, and documentation to justify your request.
- Policy. Start building policies on how to manage your network, now that you have a good understanding of how your network is laid out. How is traffic flowing and how will your changes affect the network. Build policies for the people above and below you. Make them real-world, short, and to the point. A succinct policy is going to get used. A long, drawn-out policy is going to get shelved. Be the one that approaches management with completed policies before they ask for them.
- Testing. Finally, you should be able to test your network to ensure your policies and plans are effective. Running baseline tests and other evaluations will make your network rock-solid, and ready for challenges in the future. How about security? Do you see any security holes? Once you have done all of this. Start over again and do it all over. This is an ongoing process and should continually be updated. New drawings. Adjustments to traffic flow. Budgeting for next year.
Whether it’s router monitoring, or any type of monitoring, be ahead of the game, not always responding to the latest crisis.