Finisar Surveyor User Manual
Surveyor
User’s Guide
Surveyor User’s Guide
Trademarks and Copyrights
Finisar, Surveyor, THGm, THGs, THGsE, THGnotebook, THGp, Century 12-Tap, 12-Tap, Century Tap,
Packet Blaster plug-in, Remote plug-in, Expert plug-in, Multi-QoS plug-in, and Century Tool Kit are trademarks of Finisar Corporation. Windows NT, Windows XP, Windows 2000, Microsoft Mail, and Excel are trademarks of Microsoft Corporation. Pentium is a trademark of Intel Corporation. Magic Packets is a trademark of
Advanced Micro Devices. Sniffer is a trademark of Network General, Inc. All other trademarks are those of
their respective companies.
Finisar Software License Agreement
This Software Program and accompanying written materials are proprietary products of Finisar, and are protected by copyright laws and international treaties. You must keep the Software Program in strict confidence
and treat it like any other copyrighted material. You may not copy the Software, documentation, or associated
written materials except as provided below.
License
Subject to the provisions of this License, Finisar hereby grants to Licensee, a non-exclusive, non-transferable
license to use the Software and all documentation and upgrades provided for said Software. The Software may
be loaded and executed on a single host computer. Title to the Software shall at all times remain with Finisar.
Licensee may not copy or sublicense such Software, documentation, or other written material, in whole or in
part, without prior written consent of Finisar, except for as provided below.
Term
This License shall become effective upon shipment or other transfer of the designated Software from Finisar
and shall remain in full force and effect in perpetuity, unless terminated pursuant to the provisions of this
License. This agreement can be terminated at any time by returning or destroying all copies of the Software
and related written materials and documentation and by notifying Finisar in writing of your termination of
the License.
If either party defaults in the performance of any of its obligations thereunder, and such default continues for
thirty (30) days after receipt of notice from the non-defaulting party, the non-defaulting party shall have the
right to terminate this License immediately by giving written notice. Upon termination of this License, Licensee shall, at Finisar’s request, either return to Finisar or destroy all copies of the licensed Software and documentation.
Restrictions
Licensee shall have the right to make one backup copy of the Software for use in the event the original Software is damaged. Such License does not convey any right, expressly or by implication, to manufacture, duplicate or otherwise copy or reproduce any of the Software or documentation. Licensee hereby agrees not to trace,
decompile or disassemble the Software, or use any other means to identify the source codes of the Software.
Finisar’s Software is commercial computer Software and, together with any related documentation, is subject
to the restrictions on US Government use, duplication or disclosure set forth in DOD FAR j2.2277013(c)(1)(II). Licensee agrees to mark any Software and related documentation that is to be directly or indirectly delivered to any branch or agency of the US Government with the legend set forth below in such manner that it can be readily and visually perceived:
ii
Surveyor User’s Guide
Restricted Rights Legend
Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subdivision
(c)(l)(lI) of the Rights in Technical Data and Computer Software clause at DOD FAR 52.227-7013
1389 Moffett Park Drive
Finisar
Sunnyvale CA 94089
Limited Software Warranty
A Finisar Limited Software Warranty is provided with each Software Product purchased through one of
Finisar’s authorized distribution channels. For a period of twelve (12) months from date of shipment, Finisar
warrants Software to conform with Finisar’s published specifications on date of shipment when properly operated in accordance with procedures described in documentation supplied by Finisar.
Defects in the Software will be reported to Finisar accompanied by supporting information reasonably
requested by Finisar to verify, diagnose and correct the defect. Finisar’s exclusive obligation with respect to
nonconforming Software Product shall be, at Finisar’s option, (a) to replace that copy of the Software with one
that conforms to the specifications, or, (b) to use diligent efforts to provide the customer with a correction or
workaround of the defect. Finisar is under no obligation to provide Software updates which contain additional
features and enhancements other than defect corrections.
Patent and Copyright Indemnification
Finisar shall have no liability to the Licensee if any patent or copyright infringement is based upon or arises
out of: (1) compliance with designs, plans or specifications furnished by or on behalf of the Licensee as to the
Products or services, (2) alterations of the Products or services by the Licensee, (3) failure of the Licensee to
use updated Products or services, including error corrections and updates, provided by Finisar for avoiding
infringement, (4) use of Products or services in a manner for which the same was neither designed nor contemplated, or (5) a patent or copyright in which the Licensee or affiliate or subsidiary of the Licensee has any
direct or indirect interest by license or otherwise.
Limitation of Liability
Finisar’s liability under or for breach of this license shall be limited to refund of the purchase price actually
paid by the Licensee to Finisar for the specific item causing the damage. In no event shall Finisar be liable for
costs of procurement of substitute goods, loss of profits, or for any special, consequential or incidental damages, however caused, whether for breach of warranty, breach of contract, repudiation of contract, negligence
or otherwise.
Forum
This License shall be interpreted in accordance with the laws of the State of California, and exclusive jurisdiction and venue shall lie in the state or federal courts of Santa Clara County, California.
Entirety
These terms and conditions represent the entire agreement between the parties relative to the license of the
Software and firmware incorporated in or provided with the designated equipment. Any modification hereto
must be embodied in a writing signed by both parties. No modification hereof shall be effected by either
party’s use of a purchase order, acknowledgment, or other form containing additional or different conditions.
iii
Surveyor User’s Guide
About This Guide
This guide provides descriptions of the software components, features, and capabilities of
the Surveyor product, Release 5.0. It also contains detailed tutorials and examples that will
enable you to install, configure, and run the Surveyor software.
On-line Help System
We have included an extensive, on-line Help system with the Surveyor software. The on-line
Help system contains nearly all the tutorials and instructions contained in this guide plus
additional examples and tips to help you get the most from your Surveyor. Be sure to browse
on-line Help. From any location in the Surveyor program, and with just a few clicks of the
mouse, you will find that you can locate the answer to almost any question you might have.
Specific task information is included in the on-line Help system that is not included in this
manual.
Quick Start
Surveyor includes a Quick Start guide to get you up and running.
Contacting Customer Support
There are several ways to contact Finisar if you need support.
Customer Support Phone 1 408.400.1100
1 888.746.6484
Customer Support FAX 1 408.744.1778
Internet Address techsupport@Finisar.com
World-Wide Web http://www.Finisar.com/
Mailing Address Finisar
1389 Moffett Park Drive
Sunnyvale, CA 94089
iv
Table of Contents
Chapter Page
1 Introduction ................................................................................... 1-1
Surveyor Functions ..................................................................................... 1-2
Analyzer Devices ........................................................................................ 1-4
Protocols Supported .................................................................................... 1-4
What's New in Release 5.0.......................................................................... 1-8
Capture to Disk and THGsE Analyzer Support ............................... 1-8
Disk Caching ...................................................................................... 1-8
Capture Management ........................................................................ 1-8
Expanded Multi-QoS Support ........................................................... 1-9
SMNP Extended Agent ...................................................................... 1-9
New and Enhanced Protocol Decodes ............................................... 1-9
2 Installation ..................................................................................... 2-1
System Requirements.................................................................................. 2-1
Upgrading Surveyor.................................................................................... 2-2
Installing Surveyor...................................................................................... 2-3
Installing Analyzer Hardware ..................................................................... 2-4
Installing Analyzer Hardware in a Desktop PC............................... 2-4
Installing Analyzer Hardware in a Notebook PC............................. 2-5
Installing More Than One Analyzer Card in a Notebook PC .......... 2-8
Compatibility Matrix................................................................................... 2-9
3 Getting Started .............................................................................. 3-1
The Surveyor System .................................................................................. 3-1
Launching Surveyor........................................................................... 3-1
Basic Navigation Tips................................................................................. 3-3
Buttons and Toolbars .................................................................................. 3-6
Surveyor Toolbar ................................................................................ 3-6
Module Toolbar (Summary View)...................................................... 3-6
v
Surveyor
User’s Guide
Detail View Toolbar ............................................................................ 3-8
Data Views Toolbar ............................................................................ 3-10
Filter Design Toolbar.......................................................................... 3-13
Filter States Design Toolbar .............................................................. 3-13
Capture View Toolbar......................................................................... 3-15
File Formats ................................................................................................. 3-18
.HST Extension – Capture Files ....................................................... 3-18
.CAP Extension – Internal Capture Files.......................................... 3-18
.NAM Extension – Name Table Files ................................................ 3-18
.CFD Extension – Capture Filters ..................................................... 3-18
.DFD Extension – Display Filters...................................................... 3-18
.TSP Extension – Transmit Specifications ........................................ 3-18
Providing a Name Table to Surveyor .......................................................... 3-19
Establishing Links for THGm...................................................................... 3-20
4 Configuring Surveyor ................................................................... 4-1
Configuring the Interface............................................................................. 4-1
Customizing Views and Windows ...................................................... 4-1
Capture View Display Options........................................................... 4-2
Histogram Options.............................................................................. 4-4
Setting the Monitoring View for a Module ........................................ 4-5
Configuring Chart Views.................................................................... 4-6
Table Views ......................................................................................... 4-6
Module Settings (Properties) ....................................................................... 4-7
Buffer Size........................................................................................... 4-8
Packet Slice (Slicing Size) .................................................................. 4-8
Stop-and-Save Capture Buffer ........................................................... 4-9
Modes................................................................................................... 4-9
MAC Control Frame ........................................................................... 4-10
System Settings............................................................................................ 4-10
Configuring Ports to Scan .................................................................. 4-10
Configuring Remote Communications ............................................... 4-11
Protocol Color Coding ......................................................................... 4-12
Setting Update Timers ....................................................................... 4-12
Disk Options........................................................................................ 4-14
Configuring Counter Logging............................................................. 4-15
Configuring Alarms ..................................................................................... 4-15
Configuring a Multi-Port Tap or Switch...................................................... 4-16
Setting the Local COM Port for Taps and Switches ......................... 4-18
Connecting a Tap with THGs or THGsE........................................... 4-18
Settings for Analyzer Devices ..................................................................... 4-18
Resetting an Analyzer Device ............................................................ 4-18
Updating an Analyzer Device ............................................................ 4-19
vi
Contents (continued)
Advanced Configuration.............................................................................. 4-20
surveyor.ini
Customizing Expert Diagnostic Information .................................... 4-20
Assigning Names to Protocols (Monitor) ........................................... 4-21
Assigning TCP or UDP Ports to Protocol Parsers............................. 4-26
File.......................................................................... 4-20
5 Resources and Modes .................................................................. 5-1
Resource Browser........................................................................................ 5-1
Remote Resources ....................................................................................... 5-2
Naming Remote IP Resources (Aliases) ............................................ 5-4
Resource Protection ............................................................................ 5-5
Modes .......................................................................................................... 5-6
Hardware Devices........................................................................................ 5-6
Synchronized Resources ..................................................................... 5-8
Hints and Tips for Resources....................................................................... 5-9
6 Views .............................................................................................. 6-1
Summary View ............................................................................................ 6-3
Detail View.................................................................................................. 6-4
Using Capture + Monitor Mode in Detail View ................................ 6-6
Capture View............................................................................................... 6-7
Capture View Window........................................................................ 6-7
Creating Filters from Capture View.................................................. 6-8
Exporting and Printing Decodes ........................................................ 6-8
Configuring the Capture View Display ............................................. 6-8
Using the Histogram Control....................................................................... 6-9
Histogram Color Coding ..................................................................... 6-10
Histogram Button Controls ................................................................ 6-14
Histogram Mouse Controls ................................................................ 6-15
Saving Portions of the Data ............................................................... 6-16
Resume Analysis................................................................................. 6-17
Packet Editor................................................................................................ 6-17
Data Views .................................................................................................. 6-18
Ring Statistics View (Token Ring Only)............................................ 6-18
MAC Statistics View (Rx)................................................................... 6-19
MAC Statistics View (Tx) ................................................................... 6-20
Frame Size Distribution View............................................................ 6-20
Protocol Distribution View ................................................................. 6-21
Utilization/Error View........................................................................ 6-23
Host Table View.................................................................................. 6-24
Network Layer Host Table View........................................................ 6-25
Application Layer Host Table View................................................... 6-27
Host Matrix View................................................................................ 6-28
vii
Surveyor
User’s Guide
Network Layer Matrix View .............................................................. 6-30
Application Layer Matrix View .......................................................... 6-31
VLAN View.......................................................................................... 6-33
Address Mapping View....................................................................... 6-34
Packet Summary View ....................................................................... 6-35
Duplicate Address View (Expert plug-in only) .................................. 6-35
Expert View (Expert plug-in only) ..................................................... 6-36
Application Response Time View (Expert plug-in only) ................... 6-36
Multi-QoS View (Multi-QoS software only)....................................... 6-36
Hints and Tips for Using Views .................................................................. 6-37
7 Capture and Display Filters .......................................................... 7-1
Getting Started with the Filter Interface ...................................................... 7-1
Creating Filters with Filter Templates......................................................... 7-2
Creating and Applying a Conversation ............................................. 7-5
Creating and Applying a Port Number.............................................. 7-7
Selecting Filter Templates ................................................................. 7-7
Creating Custom Filter Templates .................................................... 7-8
Filter Creation.............................................................................................. 7-12
Creating Filter Template Combinations ........................................... 7-12
Filter Actions....................................................................................... 7-13
Counter Conditions for Filters ........................................................... 7-15
Frame Types........................................................................................ 7-16
Multi-State and Multi-Statement Filters ...................................................... 7-17
Filter Structure ................................................................................... 7-19
Filter States ........................................................................................ 7-20
Filter Statements ................................................................................ 7-21
Capture and Display Filter Differences ....................................................... 7-22
Activating Display Filters .................................................................. 7-22
Activating Capture Filters ................................................................. 7-22
Filter Examples............................................................................................ 7-23
Filter Example, Capture Conversation ............................................. 7-23
Filter Example, Template Combination ............................................ 7-25
Filter Example, Capture TCP Port Traffic........................................ 7-27
Filter Example, Advanced Filter ....................................................... 7-29
Rules of the Capture or Display Filter......................................................... 7-30
Hints and Tips for Using Filters .................................................................. 7-31
Filtering Tips Unique to THG-class Devices..................................... 7-32
8 Transmit Specification .................................................................. 8-1
Transmit Specifications ............................................................................... 8-1
Transmit Specification Dialog Box .................................................... 8-2
Repeating Frames ............................................................................... 8-5
viii
Contents (continued)
Stream Modes ..................................................................................... 8-7
Bursts .................................................................................................. 8-7
Transmission Mode............................................................................. 8-8
Specifying Transmit Data............................................................................ 8-8
Packet Editor ...................................................................................... 8-8
Changing Fields Directly in the Dialog Box...................................... 8-9
Using Templates ................................................................................. 8-11
Creating Templates ............................................................................ 8-11
Transmitting Capture Files .......................................................................... 8-12
Transmit Specification Examples................................................................ 8-12
Transmit Specification Example, Bursts .......................................... 8-14
Hints and Tips for a Transmit Specification................................................ 8-15
9 Alarms ............................................................................................ 9-1
Current Module Alarms............................................................................... 9-2
Alarm Editor ................................................................................................ 9-4
Multi-QoS Alarms............................................................................... 9-5
Expert Alarms..................................................................................... 9-6
Using Alarms with Different Devices ................................................ 9-7
Thresholds and Alarms................................................................................ 9-8
Alarm Actions.............................................................................................. 9-9
Log File Settings ................................................................................. 9-10
E-Mail Settings ................................................................................... 9-10
Pager Settings.................................................................................... 9-11
SNMP Trap Settings .......................................................................... 9-11
Viewing the Alarm List and the Alarm Log................................................ 9-14
Hints and Tips for Alarms ........................................................................... 9-14
Alarm Examples .......................................................................................... 9-15
Alarm Example, Utilization ............................................................... 9-15
Alarm Example, MAC Errors............................................................. 9-16
Alarm Example, Frame Size .............................................................. 9-17
Alarm Example, VoIP Calls ............................................................... 9-18
Alarm Example, Expert and Application Response.......................... 9-19
10 Expert Features ............................................................................. 10-1
Expert System Views................................................................................... 10-2
Getting Started with Expert View ............................................................... 10-2
Expert Overview Details .................................................................... 10-4
Expert Layers............................................................................................... 10-6
Expert Symptoms, Analyses, and Network Entities.................................... 10-10
Symptoms............................................................................................ 10-10
Analyses .............................................................................................. 10-11
Entities ................................................................................................ 10-11
ix
Surveyor
User’s Guide
Expert Diagnostic Messages........................................................................ 10-15
Working with the Expert System................................................................. 10-16
Configuring the Expert System ......................................................... 10-16
Module Settings for the Expert System............................................. 10-17
Setting Expert Alarms........................................................................ 10-17
Customizing Expert Diagnostic Information .................................... 10-17
Exporting Expert Data ....................................................................... 10-18
Printing Expert Data .......................................................................... 10-18
Working with Timestamps ................................................................. 10-18
Working with Analyzer Devices ......................................................... 10-19
Application Response Time......................................................................... 10-19
Application Layer ........................................................................................ 10-20
Excessive Mailslot Broadcasts ........................................................... 10-20
FTP Login Attempts ........................................................................... 10-21
Missed Browser Announcement......................................................... 10-22
NCP File Retransmission ................................................................... 10-23
NCP Read/Write Overlap ................................................................... 10-24
NCP Request Denied .......................................................................... 10-25
NCP Request Loop .............................................................................. 10-26
NCP Server Busy ................................................................................ 10-27
NCP Too Many File Retransmissions ................................................ 10-28
NCP Too Many Requests Denied ....................................................... 10-29
NCP Too Many Request Loops........................................................... 10-30
NFS Retransmissions ......................................................................... 10-31
No HTTP POST Response .................................................................. 10-32
No Server Response ............................................................................ 10-33
Slow HTTP GET Response ................................................................. 10-34
Slow HTTP POST Response............................................................... 10-35
Slow Server Connect ........................................................................... 10-36
Slow Server Response ......................................................................... 10-37
SMB Invalid Network Name .............................................................. 10-38
SMB Invalid Password ....................................................................... 10-39
Session Layer............................................................................................... 10-40
No WINS Response ............................................................................. 10-40
TNS Slow Server Connect .................................................................. 10-41
TNS Slow Server Response ................................................................ 10-42
Transport Layer............................................................................................ 10-43
Idle Too Long....................................................................................... 10-43
Non Responsive Station...................................................................... 10-44
TCP Checksum Errors........................................................................ 10-45
TCP Fast Retransmission .................................................................. 10-46
TCP Frozen Window ........................................................................... 10-47
TCP Long Ack ..................................................................................... 10-49
TCP Repeat Ack .................................................................................. 10-50
x
Contents (continued)
TCP Retransmissions ......................................................................... 10-51
TCP RST Packets................................................................................ 10-52
TCP SYN Attack ................................................................................. 10-53
TCP Window Exceeded....................................................................... 10-54
TCP Window Probe............................................................................. 10-55
TCP Zero Window ............................................................................... 10-56
Too Many Retransmissions ................................................................ 10-57
Network Layer............................................................................................. 10-58
Duplicate Network Address ............................................................... 10-58
HSRP Coup ......................................................................................... 10-59
HSRP Errors ....................................................................................... 10-60
HSRP Resign....................................................................................... 10-61
ICMP All Errors.................................................................................. 10-62
ICMP Bad IP Header.......................................................................... 10-63
ICMP Destination Host Access Denied ............................................. 10-64
ICMP Destination Host Unknown ..................................................... 10-65
ICMP Destination Network Access Denied....................................... 10-66
ICMP Destination Network Unknown .............................................. 10-67
ICMP Destination Unreachable......................................................... 10-68
ICMP Fragment Reassembly Time Exceeded................................... 10-70
ICMP Fragmentation Needed [D/F set] ............................................ 10-71
ICMP Host Redirect............................................................................ 10-72
ICMP Host Redirect for TOS ............................................................. 10-73
ICMP Host Unreachable .................................................................... 10-74
ICMP Host Unreachable for TOS ...................................................... 10-75
ICMP Inconsistent Subnet Mask ....................................................... 10-76
ICMP Network Redirect ..................................................................... 10-77
ICMP Network Redirect for TOS ....................................................... 10-78
ICMP Network Unreachable.............................................................. 10-79
ICMP Parameter Problem.................................................................. 10-80
ICMP Port Unreachable ..................................................................... 10-81
ICMP Protocol Unreachable............................................................... 10-82
ICMP Redirect .................................................................................... 10-83
ICMP Required IP Option Missing.................................................... 10-84
ICMP Source Quench ......................................................................... 10-85
ICMP Source Route Failed ................................................................. 10-86
ICMP Time Exceeded ......................................................................... 10-87
ICMP Time to Live Exceeded ............................................................. 10-88
Illegal Network Source Address ........................................................ 10-89
IP Checksum Errors ........................................................................... 10-90
IP Time to Live Expiring .................................................................... 10-91
ISL BPDU/CDP Packets..................................................................... 10-92
ISL Illegal VLAN ID........................................................................... 10-93
OSPF Broadcasts ................................................................................ 10-94
xi
Surveyor
User’s Guide
RIP Broadcasts.................................................................................... 10-95
Router Storm....................................................................................... 10-96
Same Network Addresses................................................................... 10-97
SAP Broadcasts................................................................................... 10-98
Total Router Broadcasts ..................................................................... 10-99
Unstable MST ..................................................................................... 10-100
Zero Broadcast Address ...................................................................... 10-101
MAC Layer .................................................................................................. 10-102
Bad Frames ......................................................................................... 10-102
Broadcast/Multicast Storms ............................................................... 10-103
CRC Frame counter ............................................................................ 10-104
Excessive ARP..................................................................................... 10-105
Excessive BOOTP ............................................................................... 10-106
Excessive Broadcasts .......................................................................... 10-107
Excessive Collisions ............................................................................ 10-108
Excessive Multicasts........................................................................... 10-109
Fragment Frame ................................................................................. 10-110
Illegal MAC Source Address .............................................................. 10-111
Jabber Frame ...................................................................................... 10-112
Network Overload ............................................................................... 10-113
New MAC Stations ............................................................................. 10-114
Oversized Frame ................................................................................. 10-115
Overload Frame Rate ......................................................................... 10-116
Overload Utilization Percentage ........................................................ 10-117
Physical Errors ................................................................................... 10-118
Runt Frame ......................................................................................... 10-119
Same MAC Addresses......................................................................... 10-120
Total MAC Stations ............................................................................ 10-121
Hints and Tips for Expert Features .............................................................. 10-122
Summary of Expert Counters and Symptoms.............................................. 10-123
11 Multi-QoS ....................................................................................... 11-1
Protocols Supported by Multi-QoS..................................................... 11-2
Using Multi-QoS with Analyzer Hardware....................................... 11-2
Multi-QoS User Interface Overview............................................................ 11-3
Surveyor and RTCP Jitter Values ..................................................... 11-5
Configuring Multi-QoS................................................................................ 11-6
Multi-QoS Performance Optimization ............................................... 11-8
Call Filtering with Multi-QoS ............................................................ 11-8
All Calls Table............................................................................................. 11-9
Field Descriptions for All Calls Table................................................ 11-10
Call Range Graphs and Summaries ............................................................. 11-11
Call Jitter, Call RTCP Jitter, Call Setup Time ................................. 11-11
Dropped Packets, RTCP Dropped Packets ........................................ 11-13
xii
Contents (continued)
Field Descriptions for Call Range Summaries.................................. 11-15
VQMon Metrics........................................................................................... 11-16
Utilization Graph ......................................................................................... 11-19
Field Descriptions for Call Details.............................................................. 11-20
Channel Table Details ................................................................................. 11-24
Filtering on Single Channels ............................................................. 11-29
Call Playback ...................................................................................... 11-29
Customizing Multi-QoS Table Displays ..................................................... 11-30
Customizing All Calls or Range Summary Tables............................ 11-30
Customizing Channel Tables ............................................................. 11-31
Exporting Multi-QoS Data .......................................................................... 11-32
Exporting All Multi-QoS Data to CSV Format ................................. 11-32
Exporting a Single Multi-QoS Table to CSV Format ....................... 11-33
12 Counters ........................................................................................ 12-1
Packet Counters ........................................................................................... 12-1
Custom Counters ......................................................................................... 12-2
Error Counters ............................................................................................. 12-2
Expert Counters ........................................................................................... 12-5
Multi-QoS Counters .................................................................................... 12-9
Counter Log File Overview......................................................................... 12-9
Log Directory Structure ..................................................................... 12-10
13 Utilities ........................................................................................... 13-1
Name Table Utility ...................................................................................... 13-2
Building a Name Table From the Network....................................... 13-4
NIS-to-Name Table Conversion Utility ...................................................... 13-5
Sniffer™ Translator Utility ......................................................................... 13-6
Internet Advisor™ Translator Utility.......................................................... 13-6
Get Version Information Utility .................................................................. 13-6
Convert Capture Files to Histogram Files ................................................... 13-7
Merge Histogram Files ................................................................................ 13-7
Extract Frames From a File Using a Filter .................................................. 13-8
Logging Utilities.......................................................................................... 13-8
Export Utilities ............................................................................................ 13-8
Exporting Packets............................................................................... 13-8
Exporting Tables to CSV Format or Graphs to a Bitmap ................ 13-9
Exporting to Optimal CSV Format.................................................... 13-9
Exporting Counter Log Files to Excel ............................................... 13-10
xiii
Surveyor
User’s Guide
A Implementation Profile ................................................................. A-1
Buffers ......................................................................................................... A-1
How Resources Use Buffers........................................................................ A-1
Hardware Dependencies .............................................................................. A-3
About NDIS Mode....................................................................................... A-5
Captured Packets................................................................................ A-5
Capture Rate / Transmit Speed ......................................................... A-5
Counters .............................................................................................. A-5
Rx Counter Display............................................................................. A-5
Transmit Specification ....................................................................... A-5
NDIS Configuration Options....................................................................... A-6
Setting the Interface ........................................................................... A-6
Set Capture Buffer and Packet Slicing Size ...................................... A-6
B Pre-Defined Filter Templates ....................................................... B-1
Filter Templates ........................................................................................... B-1
C Keyboard Shortcuts ...................................................................... C-1
Function Keys.............................................................................................. C-1
Standard and Navigational Keys.................................................................. C-2
D Parser Names ................................................................................ D-1
Recognized Parser Names ........................................................................... D-1
Glossary
Index
xiv
List of Figures
Figure Page
5-1. Remote Host Connections ............................................................................... 5-3
5-2. Host Properties Dialog Box for Establishing an Alias .................................... 5-4
6-1. Histogram Display and Button Controls ......................................................... 6-10
6-2. Histogram Display Showing Colors ................................................................ 6-12
6-3. Histogram Display, Large Capture Example .................................................. 6-13
6-4. Histogram Showing Mouse Control ................................................................ 6-16
6-5. MAC Statistics View (Capture) ...................................................................... 6-19
6-6. MAC Statistics View (Transmit) .................................................................... 6-20
7-1. Filter Design Window ..................................................................................... 7-4
7-2. Template Description Window Showing a Macro Filter ................................ 7-8
7-3. Example Filter Actions Dialog Box ................................................................ 7-14
7-4. Example Filter States Design Window ........................................................... 7-18
7-5. Filter Design Window, Conversation Example .............................................. 7-23
7-6. Filter Design Window, Template Combination Example ............................... 7-25
7-7. Filter Design Window, Capture TCP Port Example ....................................... 7-27
7-8. Advanced Filter, Filter States Design Window ............................................... 7-29
8-1. Transmit Specification Dialog Box ................................................................. 8-2
8-2. Transmit Specification Dialog Box, Packet Gaps ........................................... 8-13
8-3. Transmit Specification Dialog Box, Bursts .................................................... 8-14
9-1. Current Module Alarms .................................................................................. 9-2
9-2. Alarm Editor .................................................................................................... 9-3
9-3. Modify Alarms ................................................................................................ 9-3
9-4. E-Mail Settings for THGs ............................................................................... 9-11
9-5. SNMP Trap Settings for THGs ....................................................................... 9-12
9-6. Alarm Example, Utilization ............................................................................ 9-15
9-7. Alarm Example, MAC Errors ......................................................................... 9-16
9-8. Alarm Example, Frame Size ........................................................................... 9-17
9-9. Alarm Example, Call Jitter and Call Setup Time ............................................ 9-18
xv
Surveyor
User’s Guide
9-10. Alarm Example, Expert and Application Response ........................................ 9-19
10-1. Expert Overview Example ............................................................................... 10-3
10-2. Expert Overview Detail Table Example .......................................................... 10-5
10-3. Expert Application Layer Example ................................................................. 10-7
10-4. Entities for the Transport Layer Example ........................................................ 10-12
10-5. Expert Diagnosis Example ............................................................................... 10-15
10-6. Expert Configuration Example ........................................................................ 10-16
11-1. Multi-QoS Interface Overview ........................................................................ 11-4
11-2. Multi-QoS Configuration ................................................................................. 11-6
11-3. Multi-QoS All Calls Table ............................................................................... 11-9
11-4. Multi-QoS Jitter Graph Example ..................................................................... 11-11
11-5. Multi-QoS Configuration, Call Jitter Ranges .................................................. 11-12
11-6. Multi-QoS Packets Dropped Graph Example .................................................. 11-13
11-7. Multi-QoS Configuration, Packets Dropped ................................................... 11-14
11-8. Multi-QoS R-factor Example ........................................................................... 11-17
11-9. Multi-QoS Configuration, R-factor Ranges ..................................................... 11-18
11-10. Multi-QoS Utilization Graph Example ............................................................ 11-19
11-11. Example Call Details Window (H.323) ........................................................... 11-20
11-12. Channel Table Example ................................................................................... 11-25
11-13. Multi-QoS View Options Example .................................................................. 11-30
11-14. Multi-QoS Channel Table View Options, SCCP Example ............................. 11-31
13-1. Example Name Table Dialog Box ................................................................... 13-3
xvi
List of Tables
Table Page
1-1. Surveyor Functions ......................................................................................... 1-2
1-2. Surveyor Optional Software Modules and Their Functions ........................... 1-3
1-3. Finisar Analyzer Devices ................................................................................ 1-4
1-4. Protocols Supported in Surveyor .................................................................... 1-5
1-5. Supported Multi-Media Protocols................................................................... 1-7
2-1. System Requirements...................................................................................... 2-1
2-2. Supported Analyzer Cards and Network Adapter Cards ................................ 2-2
2-3. Hardware/Software Compatibility Matrix ...................................................... 2-9
3-1. Default Account Names, Passwords and Privileges ....................................... 3-2
4-1. Configurable Capture View Columns ............................................................. 4-3
4-2. Histogram Color Defaults ............................................................................... 4-4
4-3. Hardware Device Properties............................................................................ 4-7
4-4. Default Module Settings ................................................................................. 4-8
4-5. Remote Communications Tab Functions and Default Settings....................... 4-11
4-6. Remote Polling Timers.................................................................................... 4-13
4-7. Strip Chart Display Timers.............................................................................. 4-13
4-8. Default Display Timer Settings....................................................................... 4-13
4-9. History Log File Settings and Default Values................................................. 4-15
4-10. Alarm Actions ................................................................................................. 4-16
4-11. Default Names for Non-WKP TCP Ports ....................................................... 4-25
4-12. Default Names for Non-WKP UDP Ports....................................................... 4-25
5-1. Remote User Privileges................................................................................... 5-5
5-2. Surveyor Resource Modes .............................................................................. 5-6
5-3. Hardware Device Capabilities......................................................................... 5-7
6-1. Surveyor’s Primary Windows for Viewing Information................................. 6-1
6-2. Data Views Provided Within Summary, Detail and Capture View................. 6-2
6-3. Module Window Tabs Within Summary View ............................................... 6-3
6-4. Histogram Default Colors ............................................................................... 6-13
xvii
Surveyor
User’s Guide
6-5. Packet Editor Buttons ..................................................................................... 6-17
6-6. Frame Size Distribution View, Frame Size Statistics ..................................... 6-21
6-7. Protocol Distribution View, Chart Buttons - Protocols................................... 6-22
6-8. Protocol Distribution View, Chart Buttons - Packets...................................... 6-22
6-9. Protocol Distribution View, Graph Type Buttons........................................... 6-23
6-10. Protocol Distribution View, Table Column Descriptions ............................... 6-23
6-11. Host Table View, Table Column Descriptions ................................................ 6-24
6-12. Network Layer Host Table View, Table Column Descriptions....................... 6-26
6-13. Application Layer Host Table View, Table Column Descriptions.................. 6-27
6-14. Host Matrix View, Table Column Descriptions.............................................. 6-29
6-15. Network Layer Matrix View, Table Column Descriptions ............................. 6-30
6-16. Application Layer Matrix View, Table Column Descriptions ........................ 6-32
6-17. VLAN View, Table Column Descriptions ...................................................... 6-34
6-18. Address Map View, Table Column Descriptions............................................ 6-34
6-19. Duplicate Address View, Table Column Descriptions.................................... 6-35
6-20. Application Response Time View, Column Descriptions............................... 6-36
7-1. Defining Conversations .................................................................................. 7-5
7-2. Defining Port Numbers................................................................................... 7-7
7-3. Operator Buttons for Template Combinations................................................ 7-13
7-4. Capture Filter Actions..................................................................................... 7-14
7-5. Display Filter Actions..................................................................................... 7-15
7-6. Capture Filter Global Values........................................................................... 7-16
7-7. Capture and Display Frame Types/Size .......................................................... 7-17
7-8. Logic Sequence for Capture and Display Filter Statements .......................... 7-21
8-1. Stream Function Buttons................................................................................. 8-4
8-2. Transmit Specification Control Buttons ......................................................... 8-5
8-3. Methods to Repeat Frames ............................................................................. 8-5
8-4. Stream Modes ................................................................................................. 8-7
8-5. Packet Editor Buttons ..................................................................................... 8-9
9-1. Alarm Editor ................................................................................................... 9-4
9-2. Expert Alarms, Listed by Protocol Layer....................................................... 9-6
9-3. Alarms and Hardware Devices ....................................................................... 9-7
9-4. Alarm Actions................................................................................................. 9-9
10-1. Expert Symptoms and Analyses by Layer...................................................... 10-9
10-2. Summary of Expert Features .......................................................................... 10-124
11-1. All Calls Table Field Descriptions.................................................................. 11-10
11-2. Defaults for Call Jitter and Call Setup Time Ranges (in milliseconds).......... 11-12
11-3. Defaults for Packets Dropped Ranges ............................................................ 11-14
11-4. Call Range Summary Field Descriptions........................................................ 11-15
11-5. Voice Quality, R-factors, and MOS Range ..................................................... 11-17
11-6. Ranges for R-factors ....................................................................................... 11-18
xviii
Tables (continued)
11-7. SCCP Call Field Descriptions ........................................................................ 11-21
11-8. H.323 Call Field Descriptions ........................................................................ 11-22
11-9. SIP Call Field Descriptions ............................................................................ 11-23
11-10. UNKNOWN Call Field Descriptions ............................................................. 11-24
11-11. H.323, SIP, or UNKNOWN Channel Table Column Descriptions ................ 11-26
11-12. SCCP Channel Table Column Descriptions ................................................... 11-28
12-1. MAC Layer Counter Types ............................................................................ 12-1
12-2. Alphabetical List and Descriptions of Ethernet Error Counters..................... 12-2
12-3. Alphabetical List and Descriptions of Token Ring Error Counters................ 12-4
12-4. Alphabetical List and Descriptions of Expert Counters ................................. 12-5
12-5. Alphabetical List and Descriptions of Multi-QoS Counters .......................... 12-9
13-1. Ethernet and Fast Ethernet Network Management Utilities........................... 13-1
13-2. Sniffer Translator Utility, Tool Menu Options ............................................... 13-6
13-3. Internet Advisor Translator Utility, Tool Menu Options................................ 13-6
A-1. Buffer Types Used By Surveyor..................................................................... A-1
A-2. Resource Use of Buffers................................................................................. A-2
A-3. Hardware Real-Time Functions...................................................................... A-3
A-4. Hardware Transmit Functions ........................................................................ A-3
A-5. Hardware Capture Functions.......................................................................... A-4
A-6. Hardware Connectivity................................................................................... A-4
B-1. Surveyor Filter Templates, Ethernet EV2....................................................... B-2
B-2. Surveyor Filter Templates, IP and IPX over Ethernet EV2............................ B-3
B-3. Surveyor Filter Templates, TCP/IP over Ethernet EV2.................................. B-5
B-4. Surveyor Filter Templates, UDP/IP over Ethernet EV2................................. B-7
B-5. Surveyor Filter Templates, Ethernet LLC/Novell .......................................... B-9
B-6. Surveyor Filter Templates, Ethernet SNAP.................................................... B-10
B-7. Surveyor Filter Templates, Ethernet ISL........................................................ B-11
B-8. Standard Filter Templates, Token Ring .......................................................... B-14
C-1. Shortcut Keys from Summary and Detail View ............................................. C-1
C-2. Shortcut Keys from All Windows .................................................................. C-2
C-3. Shortcut Keys from Summary View............................................................... C-2
C-4. Shortcut Keys from Detail View..................................................................... C-2
C-5. Shortcut Keys from the Capture View Window............................................. C-2
C-6. Shortcut Keys from the Capture Filter Window............................................. C-3
D-1. Parser Names, DLC Suite............................................................................... D-1
D-2. Parser Names, Applications and Others ......................................................... D-1
D-3. Parser Names, Apple Talk Suite..................................................................... D-2
D-4. Parser Names, Banyan Suite........................................................................... D-2
D-5. Parser Names, Cisco Suite.............................................................................. D-3
D-6. Parser Names, DECnet Suite .......................................................................... D-3
D-7. Parser Names, Fujitsu Suite............................................................................ D-3
xix
Surveyor
User’s Guide
D-8. Parser Names, IBM Suite................................................................................ D-4
D-9. Parser Names, Internet Suite........................................................................... D-4
D-10. Parser Names, Internet Next Generation Suite ............................................... D-6
D-11. Parser Names, Netware Suite.......................................................................... D-6
D-12. Parser Names, PPP Suite ................................................................................ D-7
D-13. Parser Names, XNS Suite ............................................................................... D-7
D-14. Parser Names, H.323 Suite ............................................................................. D-8
D-15. Parser Names, ITU Codecs............................................................................. D-8
D-16. Parser Names, Cisco IP Telephony Suite........................................................ D-9
D-17. Parser Names, Other Multimedia.................................................................... D-9
D-18. Parser Names, Intel Suite................................................................................ D-9
D-19. Parser Names, VPN Suite ............................................................................... D-9
xx
Chapter 1
1 Introduction
Finisar is the technology leader in providing LAN and SAN analysis tools. Finisar's
fully distributed, full-line-rate performance network analysis products monitor,
measure, analyze, and troubleshoot 10/100/1000 Ethernet and VoIP. These products
deliver unrivaled scalability, performance, accuracy and value to customers
worldwide. Finisar's Surveyor software is a Windows-based (2K, NT 4.x, XP)
software analyzer-plus-monitor application for 10/100/1000 Ethernet networks.
Surveyor provides users with the most robust, easy to use set of network analysis
and monitoring tools in a single package. Surveyor's features include full 7-layer
packet decode and analysis, real-time network statistics, advanced alarm setting and
actions, packet edit and slicing, multi-layer filtering, and automatic name table
updating. Optional software modules provide multi-layer expert analysis, traffic
generation, and the ability to monitor remote segments.
Finisar's Multi-QoS software plug-in monitors, measures, and analyzes QoS of
VoIP (Voice Over IP) calls. Multi-QoS includes Telchemy’s VQMon VoIP call
quality analysis engine. VQMon enables you to measure call quality from "ear-toear" using ITU standard passive test methods. This feature allows you to accurately
predict MOS scores and confirm SLA performance. Multi-QoS reports over 20 QoS
metrics (jitter, packet loss, delay, etc.) and provides Call and Channel table
summaries similar to Call Detail Records (CDRs) for standard and custom VoIP
protocols including H.323, SIP, and Cisco SSP and SCCP calls. Multi-QoS is one of
the first products to provide both network analysis and VoIP measurement and
verification for Cisco AVVID (Architecture for Voice, Video and Integrated Data).
Features include call playback of G.711 codec data.
Surveyor typically interfaces with one or more of Finisar's hardware analyzer tools.
Surveyor can simultaneously capture, monitor, and analyze multiple devices and
analyze captured data. Surveyor monitors local network segments, and the optional
Remote plug-in allows Finisar software to communicate with Finisar hardware and
access Finisar products on remote segments.
1-1
Surveyor
User’s Guide
Surveyor's user interface provides both a comprehensive view of the network as
well as the ability to easily drill down to a specific network segment. Surveyor's
main window provides a single, user-defined view for each of the segments being
monitored. The user determines what information to view for each segment such as
network utilization, protocol distribution, host table, etc. In this same window, the
user can create alarms that monitor multiple segments simultaneously.
An optional Expert plug-in includes expert features for automatic and very detailed
problem diagnosis. Potential error conditions are automatically logged. Counters,
addresses, protocols, and diagnostic information related to the detected network
condition are displayed. You can also set alarms to be informed of any events
detected by the Expert system.
For test and development environments, an optional Packet Blaster plug-in software
provides advanced traffic generation and intelligent packet and file editing
capabilities.
Surveyor Functions
Surveyor provides tremendous flexibility in performing the tasks required to
monitor and troubleshoot your network. As your Surveyor expertise grows you will
find that the number of ways you can set up and apply the tool are virtually limitless.
1-2
The basic functions of Surveyor are described in Table 1-1. Table 1-2 on the next
page shows the additional functions available with the optional Surveyor software
modules, called plug-ins.
Table 1-1. Surveyor Functions
Function Description
Capture Capture data from a network and place it in system memory space (buffer)
on an analyzer device. Surveyor lets you create and save capture filters that
direct analyzer devices to capture only the information you want to view and
analyze.
Capture View Look at the data in a way that is useful for network analysis and troubleshoot-
ing. Surveyor lets you create and save viewing filters to display only the information you want to analyze. The data can be viewed in numerous ways and
from different perspectives. Display of the data can be either as graphical
charts or row-and-column tables.
Filter Surveyor lets you create and save capture/display filters to collect/display
only the information you want to view and analyze.
Save Move captured data from a capture buffer to a storage device on the Sur-
veyor host PC. Surveyor enables you to store captured data onto your hard
drive for later viewing, analysis, or transmission.
Introduction
Surveyor Functions
Table 1-1. Surveyor Functions (continued)
Log Record counter information. Surveyor enables you to capture all byte, frame,
and error counter values compiled during the capture or transmission of data.
Monitor Real-time views for data seen on a network segment. The data can be
viewed in numerous ways and from different perspectives. Display of the
data can be either graphical charts or row-and-column tables.
Settings Alarms Alarms can be set to flag network conditions. Actions can be performed
when alarms are triggered.
Table 1-2. Surveyor Optional Software Modules and Their Functions
Function Description
1
Remote Functions
(Remote plug-in)
Transmit
(Packet Blaster
plug-in)
Expert Analysis
(Expert plug-in)
Voice/Video over
Ethernet Analysis
(Multi-QoS plug-in)
All data collection and data management functions described in Table 1-1
are available from other devices in a distributed network.
Send data to a network. Surveyor lets you see what happens to your network
under precisely controlled conditions. You can play back streams of captured
data or you can transmit edited data. You can edit a stream of captured data
by changing the sequence of the packets, deleting or adding (inserting) packets, creating bad packets, eliminating all packets of a certain type (protocol)
and so on. Surveyor also gives you complete control of when, how fast, how
long, and how often it transmits the data you want to send over the network.
Expert analysis starts with the automatic logging of possible problems.
Expert data views display counters, addresses, protocols, and diagnostic
information related to the detected network condition. Expert alarms can be
set to flag network error conditions. Actions can be performed when alarms
are triggered.
Decode VoIP and other synchronous protocols in an Ethernet environment
and present the data in tables.
detail records showing QoS statistics, addresses, and protocol conditions
related to conversations and channels within the H.323, SIP, or Cisco’s
SCCP protocol.
Multi-QoS data views display counters, call
1-3
Surveyor
User’s Guide
Analyzer Devices
The full power of Surveyor is realized through optional hardware analyzer cards
available from Finisar. Analyzer cards from Finisar are installed in a PC, a notebook
PC, or in a separate analyzer device. The table below provides a brief summary of
the Finisar analyzer devices used by Surveyor:
Finisar Device Description
Table 1-3. Finisar Analyzer Devices
THGm (Ten/Hundred/
Gigabit module)
THGs Analyzer device accessed remotely by Surveyor. THGs contains two syn-
THGsE Analyzer device accessed remotely by Surveyor. THGsE contains two syn-
THGp Portable analyzer/PC device running Surveyor and other analyzer soft-
THGnotebook Portable undercarriage unit with one or two THGm analyzer cards
Portable Surveyor 10/
100 Ethernet Analyzer Card
PCI-bus hardware card that installs in a PC for analyzing 10/100 Ethernet
or Gigabit Ethernet networks.
chronized THGm modules for analysis of full-duplex 10, 100, or Gigabit
Ethernet traffic at full-line rate.
chronized THGm modules for analysis of full-duplex 10, 100, or Gigabit
Ethernet traffic at full-line rate. THGsE also contains a 80MB hard disk for
capture to disk.
ware. THGp contains one or more THGm modules for analysis of 10, 100,
or Gigabit Ethernet traffic at full-line rate.
designed to operate with a high-performance notebook computer. Connection to the notebook PC is via PCI bus expansion. Full line rate THGm analyzer cards are made available from a notebook PC.
CardBus analyzer/adapter card that installs in a notebook PC for analyzing
10/100 Ethernet networks.
See Chapter 5 for more detailed information on how Surveyor uses analyzer
devices.
Protocols Supported
Table 1-4 on the following page lists the network and application protocols that
Surveyor can decode. For a listing of protocol specifications and information, refer
to Appendix C.
Note that Finisar continually adds to the list of protocols it can decode. If you do not
see a protocol on this list that you need, visit the Finisar web site, www.Finisar.com,
or check with Customer Support for new additions.
1-4
Table 1-4. Protocols Supported in Surveyor
Introduction
Protocols Supported
1
MAC Layer TCP/IP Suite TCP/IP Suite
IEEE 802.2 (LLC) ARP Ident RPC
IEEE 802.3 ASF-RMCP iFCP RTSP
Ethernet II BGP (Version 4) IGMP SGCP
IEEE 802.5 BOOTP IMAP SLP
Loopback CharGen IMSP IP SMTP
MAC Control Frame DHCP iSCSI SNMP (v1, v2, v3)
IEEE SNAP Discard LDAP TCP
IEEE 802.1X DNS MIME TELNET
Echo Mobil_IP (A11) TFTP
PPP Suite EGP MOUNT TPKT
PPPCHAP Finger NetBIOS UDP
PPPIPCP FTP NFS UNIX Remote Svcs
PPPIPX GGP NIS
PPPLCP Gopher NNTP VRRP
PPPNBFCP HTTP NTP WebNFS
PPP over Ethernet HTTPS OSPF WhoIs
ICMP PH XDR
(Cont.) TCP/IP Suite (Cont.)
(lpr, rcp, rexec, login, rsh)
Cisco Suite POP3 XDMCP
CDP IPX/SPX Suite PORT MAPPER Xwindows
DISL Diagnostic RARP
EIGRP Error RIP (Version 2) XNS
HSRP IPX Echo Protocol
IGRP IPX BCAST IP Multicast Error Protocol
ISL IPX EIGRP DVMRP IDP
RUDP IPX Ping MOSPF NetBOIS over SSP
SSP, SCCP IPX RIP, IPX WAN PIM-DM PEP
VTP NBCAST PIM-SM RIP
NCP RSVP SSP
NDS
1-5
Surveyor
User’s Guide
Oracle Suite IPX/SPX Suite (cont.) LOA Banyan Vines Suite
TNS (TCP/IP only) NetBOIS LOA VARP
SQLNET NLSP VICP
AppleTalk Phase2 Packet Burst VIP
AARP SAP VIPC
ADSP Serialization Sybase Suite VRPC
AEP SPX TDS (TCP/IP only) VRTP
AFP SPX II VSPP
ASP Watchdog Fujitsu Suite
ATP DECnet Phase IV FNA
AURP CTERM LNDFC SNA Protocol Suite
DDP DAP 3270
DDP EIGRP DRP Applications FDC
LAP FOUND cc:Mail FID2
NBP LAT Lotus Notes FM
PAP L AVC F inisa r R SP NC
RTMP MOP XWIN XID
ZIP NICE SC
NSP
IPV6 IpSec VPN Bridge Protocols
DHCPng AH L2TP BDPU
ICMPng ESP LDP IEEE 802.1D
IDRPng ISAKMP PPPOEDS IEEE 802.1Q VLAN
IPng KERBEROS PPPOESS GARP (802.1p)
OSPFng RADIUS GMRP
RIPng SOCKS Microsoft GVRP
RSVPng SSH NMPI
TACACS SMB
TLS SMB+ (CIFS)
WebNFS
1-6
Protocols Supported
IBM ISO Intel MPLS
NetBEUI CLNP MTP2 CR-LDP
NetBIOS CONP MTP3 RSVP-TE
ESIS RTSP
ISIS TCAP
ISO
Table 1-5. Supported Multi-Media Protocols
Multi-Media
ITU H.323 IETF Cisco Codec
ASN.1 H.248 / Megaco RUDP CellB
GK DISC MGCP SCCP G.711
H.225.0 RTCP SSP G.721
H.245 RTP G.722
H.323v4 RTSP G.723
Introduction
1
H.450.1 SGCP G.728
Q.921 SIP G.729
Q.931 H.261
RAS H.263
T.120 JPEG
T. 38 MPEG (v1, v2)
PCMU
PCMA
1-7
Surveyor
User’s Guide
What's New in Release 5.0
A synopsis of what's new in Surveyor 5.0 is provided below.
Capture to Disk and THGsE Analyzer Support
Surveyor now supports streaming large amounts of data to disk. A new hardware
analyzer, named THGsE, has been developed to make streaming of capture data to
disk possible. The THGsE is the essentially the same hardware analyzer device as
the THGs, with the addition of an internal disk. With THGsE, up to 80GB of disk
space is available for capture.
Like THGs, the THGsE comes with two THGm analyzer cards that can capture
CAT5 Ethernet traffic at 10/100 Mbps or capture fiber optic Gigabit Ethernet at full
line rate. A 10/100 Mbps management port, a local serial port for configuration, plus
a serial port for connection to a single port tap or a multi-port switching tap are all
included. The THGsE can be controlled and configured from Surveyor similar to the
THGs; the device is seen as a remote analyzer that can be started and stopped from
Surveyor. Note that capture to disk at full line rate is not supported for 100Mbps or
Gigabit Ethernet speeds.
Disk Caching
Large capture segments, when opened, are now saved to a Cache location on the
local hard drive. This is a useful performance enhancement since capture segments
from a remote module are now handled locally. Capture segments no longer need to
be downloaded again when decoding, filtering, editing, or saving actions are taken.
You can set the cache size based on the availability of space on his local hard drive.
Capture Management
Several new features have been added to the Surveyor interface to support the
analysis of very large capture files:
• Histogram display to locate position and area of interest within a large capture
file
• Decode of captured data in manageable sections of approximately 10MB
• Ability to merge capture files
A master capture management file with extension .HST has been added to Surveyor.
When the .HST capture file is opened or when a capture buffer is opened, a
histogram will build and then the first segment of the capture will be decoded. All
new captures are saved in .HST format. A histogram file can have many capture
files (.CAP), each of which is a segment of the total capture data.
1-8
Expanded Multi-QoS Support
The Multi-QoS software has been expanded to recognize a broader range of VoIP
calls.This includes call formats used by Avaya and Alcatel.
Multi-QoS now has the capabilities to build the call table without signaling
information. Such calls are listed with a protocol type of UNKNOWN. This can be
useful to see calls where signaling packets are unsupported or for probing end
points that do not see signaling packets.
SMNP Extended Agent
The SNMP agent for Surveyor has been expanded to include management fields
other than alarms. The new Surveyor agent implementation uses SNMPv2.
New and Enhanced Protocol Decodes
The following protocol decodes are new or enhanced in version 5.0 of Surveyor:
• ASF-RMCP, Alert Standard Format protocol
Introduction
What's New in Release 5.0
1
1-9
Surveyor
User’s Guide
1-10
Loading...