It’s a moment every administrator dreads: Your network is crying for help, and you don’t know why. Wouldn’t it be great if, right in your hand, you had a tool that could diagnose the problem? We test four handheld analyzers to see just how they can make your job easier.
- By James Carrion
When the network is down, screaming users and an irate boss turn some
network administrators into troubleshooting machines. Others simply rely
on the fates, with ad-hoc troubleshooting techniques or default diagnostic
utilities. Worse yet, some put their faith in plain, dumb luck (i.e.,
reboot everything). Sure, the network eventually comes back up, but the
extended downtime has your users and boss still fuming and, perhaps, even
plotting your demise. What you really need are good troubleshooting tools
that can quickly pinpoint the problem—and make everyone’s future a bit
Handheld network analyzers started out as basic, physical-layer, network-diagnostic
tools and have evolved continuously. They now perform multifunction diagnostics
at all layers of the OSI model, helping administrators troubleshoot myriad
network problems. Ten years ago, I watched a co-worker use a multimeter
to detect shorts in cables and connectors while lugging around a heavy
oscilloscope to perform basic diagnostics. Today’s network analyzers—which
are small, self-contained devices—can perform the same tests and provide
results in a user-friendly graphical format.
The four handheld network tools in this article—two of them high-end,
full-featured network analyzers, and the other two, basic network testers—can
help identify many network problems.
FrameScope 350 Handheld
Network Performance Analyzer (N2610A)
NetTool Inline Network
OptiView Pro Gigabit
Integrated Network Analyzer
Pinger Network IP
Psiber Data Systems Inc.
Fluke Networks’ OptiView Pro Gigabit
Integrated Network Analyzer
To call this tool a handheld network analyzer is stretching things a
bit, as it feels like you’re cradling a football. OptiView is a handheld
tablet computer that comes with a PC card slot, USB and serial ports,
and a touch-screen color display. OptiView is designed for LAN/WAN/wireless
troubleshooting, and the standard model is configured with 10BaseT and
100-BaseTX interfaces. You can upgrade to one of the Pro models—which
adds RMON2 and 100BaseFX fiber-optic interfaces, as well as packet capturing
and decoding capabilities—or to the luxurious Pro Gigabit model, which
offers a 1000BaseSX interface. The Pro Gigabit model tested had an optional
802.11b wireless diagnostic PC card.
OptiView troubleshoots problems at all seven layers of the OSI model, so it understands the basics of lower-level protocols (like Ethernet and IP) and is equally fluent in higher-level protocols, such as NetBIOS and Server Message Blocks (SMB). OptiView comes with two basic diagnostic programs: OptiView Analyzer, which diagnoses network problems on LAN ports, and OptiView Wireless Analyzer, which troubleshoots 802.11b wireless networks.
OptiView LAN analyzer gathers a large amount of diagnostic information—including LAN utilization, top protocols used, top talkers, top conversations and so on—to give you a bird’s-eye view of what’s happening on the network. The built-in discovery tool finds all network access devices, SNMP agents, hubs, switches and routers, IP and IPX networks, and NetBIOS hosts and domains, and reports any problems encountered. It has built-in ping, trace route and route-table viewer tools and comes with a separate Management Information Base (MIB) browser.
The built-in cable tester checks fiber and copper cables and graphically
maps out wire pairs through a built-in or remote wiremapper. Another neat
feature is the traffic generator, which places real traffic loads on the
network. A built-in sniffer can capture and decode network traffic.
|Figure 1. Fluke's OptiView troubleshoots problems
at all seven layers of the OSI model.
I put OptiView to work by troubleshooting my own test wireless network. It immediately detected my SMC Networks access point, secured an IP address and warned me that Wired Equivalent Privacy (WEP) wasn’t enabled, so packets were being transmitted in the clear. I was able to capture all the wireless traffic between my laptop and the access point and decode the packets. In truth, I’m not too worried about the lack of security because I live out in the boondocks; unless the deer are war driving, I’m pretty safe.
Overall, the Optiview Analyzer is a great, albeit pricey, product capable
of troubleshooting almost any network problem that a large enterprise
network could experience. There were a couple of negatives: The color
screen was hard to view, and the operating system was out of date years
ago. I would hope that Fluke upgrades to Windows XP or Windows 2000, as
Windows 98 is antiquated for such a device.
Agilent’s FrameScope 350
FrameScope 350 is a cable and network troubleshooting and certification
tool that provides much of the same functionality as OptiView, with the
exception of wireless/WAN diagnostics and packet capture/decode. Although
it’s not a PC like OptiView, it does have a user-friendly graphical interface
and the color touch-screen display (under the same lighting conditions)
was easier to see than OptiView’s.
FrameScope is a Level-3, twisted-pair certification tool that tests up
to Category 6 cable for cable length, attenuation, wiremap, near-end crosstalk
(NEXT), return loss and so on, and then saves a certification report for
each test. FrameScope also tests and certifies single-mode or multimode
fiber. There are really two devices needed to certify your cable infrastructure:
FrameScope 350 and another device, DualRemote, which connects to the other
end of the cable run.
|Figure 2. One great FrameScope feature is the
ability to control the tool remotely using your Web browser, allowing
interactive access from either end.
I put FrameScope to work certifying my own home network. When my home was under construction, I had the contractor run Speed Wrap cable (copper and fiber cables bundled in one jacket) to most rooms in the house and to a central patch panel. I terminated the copper myself but left the fiber unterminated for future use. Certifying the cable to Category 5e standards was easy with FrameScope. I simply plugged DualRemote into a room jack, plugged FrameScope into the corresponding port on the patch panel, and ran the AutoTest for the Category 5e profile. These profiles can be edited or you can create your own, specifying the standards to which you want to test, as well as the exact cable and connecting hardware in use. FrameScope provides immediate feedback on whether the test passed or failed, along with detailed test data and graphs. You can save the results to internal memory or card-flash memory for later upload. All of my home cable drops tested fine and passed certification testing except one that had a wire pair switched.
FrameScope allows customization of cable test labels, which can be printed directly to a Brady TLS2200 label printer. You can also plug handsets into FrameScope and DualRemote so that two operators can communicate and coordinate activities remotely. FrameScope comes with a software package called ScopeData Pro, to which you can upload the cable test results, either through a serial or USB connection. You can view and manipulate individual records and print out comprehensive reports to document your cable infrastructure certification.
FrameScope is much more than just a cable-certification tool. It provides
autodiscovery of network devices; network-utilization statistics; and
network diagnostic tools, like ping, trace route and SNMP queries. The
handy “blink port” option allows you to determine the hub or switch port
to which a drop is connected. FrameScope can also generate real network
traffic for simulating packet loads on the network.
Small but Mighty
Fluke Networks’ NetTool Inline Network Tester
NetTool is about the size of a handheld video game and can be used to
test basic network connectivity or discover devices and protocols on the
network and report network problems just like its big brother, Fluke OptiView.
It has two RJ45 jacks into which you can plug both ends of a patch or
crossover cable to test cable length and wiremap. You can also plug it
inline between a hub and a computer connection; NetTool will report LAN
speed, discovered protocols, discovered devices (routers, NetWare or NetBIOS
servers, printers, and so on) and network utilization. There’s also a
built-in ping tool.
NetTool comes with a software package called NetTool Blaster, downloads
firmware updates to NetTool’s serial port and uploads screen captures
in .BMP format. You can also customize NetTool’s splash screen with your
own name and graphic.
|Figure 3. Fluke's NetTool can be used to test
basic network connectivity or to discover devices and protocols on
Putting it to work on my own test network, the NetTool quickly detected my test servers and verified name resolution was working. Using the Optiview Analyzer to inject a traffic load on the network, the NetTool correctly reported the network utilization rate.
As a basic layer 1 to 3 troubleshooting device, NetTool does an adequate
job, and field techs will benefit from its portable size. It really shines
in its ability to detect problems at higher layers—something most in-the-trenches
technicians would have problems diagnosing without a laptop computer.
Psiber’s Pinger Network IP Tester
Pinger is a basic network-trouble-shooting tool that verifies physical
and network-layer connectivity between two network devices. These devices
both can be Pingers, or one can be a Pinger and the other a network host.
You can also test DHCP address assignment, as the Pinger functions as
a DHCP client.
Configuring Pinger is simple: Plug in an IP address, subnet mask and
default gateway; connect to an Ethernet network; and ping a local or remote
device. Pinger sends Internet Control Message Protocol (ICMP) echo-request
packets to a specified IP address and reports back round-trip communication
time, as well as the MAC address.
|Figure 4. Psiber's Pinger provides an easy method
of verifying physical and network-layer connectivity.
Pinger only works on a 10BaseT port, so if you connect it to a 100Base hub or switch, you’ll need to set the port to autonegotiate down to 10BaseT. The Pinger can detect duplicate IP addresses on the network if you happen to be pinging that address, and there’s a Port ID option that allows you to find out into which hub or switch port a cable is plugged.
If a computer can’t access the network, you can quickly eliminate the
source of the problem by verifying Layer 1 and 2 connectivity. This could
be done by plugging in a laptop to the same network jack and using the
standard Ping command, or you could use the cheaper, more portable Pinger
The Future Is in Your Hands
Troubleshooting a network requires skill and patience, but you can fix
any problem quickly with the right tools. On the high end, the Fluke OptiView
offers all the diagnostic tools you need to find out what’s ailing your
LAN/WAN or wireless network, while the Fluke FrameScope does an excellent
job in certifying your cable infrastructure and troubleshooting the LAN.
The Fluke NetTool and the Psiber Pinger don’t offer the bells and whistles
of the higher-end tools, but they do offer enough features for you to
narrow down most physical and network layer problems. Most important,
these tools will keep your network humming, your users happy, and make
your job easier.